We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Over 8 GB Database Exposing Millions of Hotel Guests Dumped (for Free) on Telegram

vpnMentor Research Team Cybersecurity and Research Lab

Over 142 million records were publicly shared on Telegram, exposing the personally identifiable information (PII) of MGM Hotels customers around the world, including the names, postal addresses, email addresses, phone numbers, and dates of birth of millions of people. 

On May 22nd, 2022, the vpnMentor Research Team stumbled upon 4 archive files totaling 8.7GB of data that were leaked on Telegram for anyone to find. It is unclear how many people were exposed, but according to the claims of the hackers who shared the files, we assume at least 30 million people had some of their data leaked.

In February 2020, over 10 million records were published on a hacking forum, while all the 142+ million were sold on a dark web cybercrime marketplace in July 2020 for 2,900USD. The breach had been initially discovered by the company back in the summer of 2019. 

This time, the whole breach is being shared for free on Telegram - a platform that is much more accessible for even the least tech-savvy people. 

The data exposed customers from before 2017 and included the following PII: 

  • Full names;
  • Postal addresses;
  • Over 24 million unique email addresses;
  • Over 30 million unique phone numbers; 
  • Dates of birth

MGM Resorts International is an American hotel chain and entertainment company with hotels located in the USA and in China.

You can see a full breakdown of the leak in the table below: 

Where and when was the leak posted? Telegram, on May 22nd, 2022
Company affected MGM Resorts International hotels
Size of the exposure 8.7GB; 142,479,938 records
Number of affected users Over 30 million

Potential Impacts

Bad actors could send phishing messages and scams to exposed users via SMS and email, using the victims’ full names and home or business addresses to build trust. As the breach is now 2 years old, the people exposed may not be expecting to be targeted. 

They could also target elderly people (thanks to the detail regarding the date of birth) and try to scam them as an easier target. 

What Should You Do If You’re Exposed?

You may want to take some steps to protect your data if you were an MGM hotel customer before 2017.

It is crucial to disregard any suspicious SMS messages, calls, and emails, while also equipping yourself with knowledge about phishing attacks, scams, malware, and various other types of cybercrime.

Update: Following our publication, the research team has been contacted by BreachForums Admin, pompompurin, who informed us that the database originally leaked on breach.co on May 20th - which we confirmed. According to them "Telegram channels commonly take [their] files and just leak them as their own".

What Are Telegram Leaks and Why Should You Care?

As previously reported by our team, hackers are making more and more use of platforms like Telegram to communicate and share information about data breaches.

Telegram uses encryption and offers its users some anonymity. It is also easily accessible and doesn’t require any technical skills. This makes it the perfect platform for hackers to post data breaches, even more so if they want more people to have access to them.

Our cybersecurity researchers scour Telegram and the dark web to find the latest cyberattacks and data breaches. Hackers often post information on these channels before a cybersecurity incident is publicly known.

By reporting on these incidents, we’re able to inform potentially affected parties earlier so that they can act quickly to protect their data. Our research team similarly recently discovered a breach on Telegram affecting millions of VPN users. In the past, our team also discovered several data breaches affecting the hospitality industry, including the Pyramid Hotel Group and the Gekko Group.

We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

About the Author

vpnMentor Research Lab is a pro bono service that strives to help the online community defend itself against cyber threats while educating organizations on protecting their users’ data.
Our ethical security research team has discovered and disclosed some of the most impactful data breaches in recent years.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
out of 10 - Voted by users
Thank you for your feedback