GAMBLING

MGM Might Have $200M Cyber Insurance Policy, Says Analyst


Posted on: September 20, 2023, 02:32h. 

Last updated on: September 20, 2023, 02:47h.

MGM Resorts International (NYSE: MGM) announced Wednesday that operations at its US casino hotels are back to normal following a ransomware attack that commenced on September 10, and at least one sell-side analyst says the company’s financial exposure to the event is minimal.

casino stock
MGM Grand Las Vegas. The operator may have a $200 million cyber insurance policy, says an analyst. (Image: Luxury Lifestyle Magazine)

In a recent note to clients, JMP Securities analyst Jordan Bender said the research firm believes MGM has a $200 million cyber insurance policy that covers business interruptions and payments to bad actors. If that’s accurate, the Bellagio operator isn’t likely to incur significant costs attributable to the data breach.

If the breach is fully covered within the policy, MGM will incur minimal costs along the way, and see insurance premiums go up, but it would amount to a drop in the bucket for a company generating $4.7 billion of [cash flow] this year,” wrote Bender.

That jibes with recent comments from MGM rival Caesars Entertainment (NASDAQ: CZR). The Harrah’s operator was the victim of a ransomware attack by “Scattered Spider,” or UNC 3944, and reportedly paid $15 million to $30 million to halt the attack. In a Form 8-K filing with the Securities and Exchange Commission (SEC) last week, Caesars signaled that the payment was covered by a cyber insurance policy.

MGM Could Bear Short-Term Costs

By some estimates, MGM may have lost as much as $84 million in revenue due to an ongoing data breach that started on September 10.

That doesn’t include an estimated $1 million per day in lost cash flow and potential reputational damage. In his report, Bender noted that JMP forecasted that a cyber ransom paid by MGM could run anywhere from $30 million to $50 million. It’s likely that would be covered by insurance.

The Cosmopolitan operator has yet to publicly use the term “ransomware,” but if a payment is made to the perpetrators, MGM is required by the SEC to disclose that expenditure to investors, and that disclosure must arrive within four business days. For now, MGM’s priority is ensuring operations return to normal, though there are likely to be some hiccups along the way.

“We do not know the timeline of when operations will return to normal, but our checks indicate MGM is still experiencing day-to-day issues that could persist for a period of time,” added Bender.

MGM Share Price Can Recover

The ransomware attack on MGM has a plethora of victims, including guests of the company’s resorts and employees who reportedly had personal data stolen, and who lost access information such as paid time off scheduling and retirement benefits. Add investors to that list.

Since the start of the cyber attack, shares of MGM slid 6%, shedding $850 million in market value along the way. Bender believes the stock will bounce back and reiterated an “outperform” rating and $60 price target on the shares. That implies upside of more than 50% from current levels.

“Historical precedent has shown past hacks of credit cards and personal information within this space have not materially impacted long-term revenue, and in turn, companies saw a recovery in the stock price,” concluded the analyst.



Source link

X