posts
One Click Cost MGM Resorts $100 Million In September 2023, a threat actor called Scattered Spider called MGM Resorts' IT help desk, impersonated an employee found on LinkedIn, and gained access to the company's entire network. The result: over $100 million in losses, days of disrupted operations,
One Click Cost This Company $100 Million In 2023, MGM Resorts was brought to its knees — not by a sophisticated zero-day exploit, but by a phone call. A threat actor called the help desk, impersonated an employee found on LinkedIn, and gained enough access to deploy ransomware across the entire
In January 2025, a finance employee at a multinational firm joined a video call with what appeared to be their CFO and several colleagues. Every face on the screen was a deepfake. The employee transferred $25 million before anyone realized what happened. That incident — reported by CNN and confirmed by
One Click Cost This Company Everything In March 2022, a single employee at Nvidia clicked something they shouldn't have. The Lapsus$ threat actor group walked away with over a terabyte of proprietary data, including employee credentials and source code. Nvidia isn't a small shop with weak
The Click That Cost One Company $46 Million In 2020, Ubiquiti Networks disclosed a breach that started with a single employee's compromised credentials. Attackers impersonated company executives, manipulated employees through social engineering, and walked away with $46.7 million in fraudulent wire transfers. The technology was fine. The
