Suit Says FTC’s Presence During MGM Ransomware Attack Precludes Investigation

The MGM ransomware attack that brought gambling to a halt at the Las Vegas casino in 2023 cost a minimum of $100 million in lost revenue. The Federal Trade Commission (FTC) is investigating the attack and MGM’s response, but The Register reports that MGM is raising a novel objection.

The casino has sued to halt the probe because Lina Khan, Chairperson of the Federal Trade Commission, was a registered guest at MGM when the attack occurred. “MGM’s misfortune that day was compounded by the presence of a powerful public figure at its Las Vegas hotel during the attack,” the lawsuit claims

It wasn’t long after Khan checked out that the FTC initiated the investigation. According to the lawsuit, it has asked MGM to produce “more than 100 categories of information,” some of them “seemingly derived directly from Chair Khan’s personal experience in transacting business with MGM during the attack.”

Additionally, the suit says that negative publicity about the hack was enhanced by media reports that Khan and her aide were hotel guests, which led to private lawsuits against the business.  “Specifically, it is now a defendant in fifteen consumer class actions,” according to MGM’s attorneys.

After the FTC initiated the investigation, MGM requested that Khan recuse herself because of her personal involvement. The FTC denied this request.

“Chair Khan’s personal involvement in the facts under investigation creates an appearance of a conflict of interest, and upon information and belief, an actual conflict of interest,” according to the lawsuit.