BetMGM said it believed the breach occurred in May of this year, though it only became aware of it last month.
The breach allowed unauthorised personnel to see “personal information of some patrons such as name, contact information (such as postal address, email address and telephone number), date of birth, hashed Social Security number, account identifiers (such as player ID and screen name) and information related to transactions with BetMGM”.
However, the business said it had no reason to think that patron passwords or account funds were accessed.
“BetMGM is coordinating with law enforcement and taking steps to further enhance its security,” the operator said. “BetMGM recommends patrons remain alert for any suspicious activity or unsolicited communications regarding their personal information.”
In order to protect customers against potential scams using their data, the operator has offered affected patrons credit monitoring and identity restoration services for two years free of charge.
Adam Greenblatt, CEO of BetMGM, added that data security was a priority for the business.
“We are taking this matter very seriously and are working quickly to investigate it,” he said. The security of our platform and our patrons’ data is a top priority for BetMGM. We regret any inconvenience this may cause.”
Last month, rival US operator DraftKings revealed that a mass hacking of DraftKings customer accounts led to the loss of $300,000 (£252,745/€291,742) in funds.