Cyber & Advisory

Cybersecurity Services
Security Awareness Training
Residency
Compliance Readiness

(Co)Managed IT

Overview
Help Desk & End User Support
NOC (Server/Network RMM)
MDR/XDR (AI-Assisted SOC)
Remote Deployment and Operations

AI Integration

Overview
Anthropic Claude
Microsoft Copilot
OpenAI ChatGPT
Google Gemini
xAI Grok
Perplexity

Managed AI

Managed Private AI
Managed Agents
Managed AI for Education
Managed AI for State & Local Government
Book a Free AI Strategy Call

Learn / Guides

AI Hub
AI Guide: Education
AI Guide: Healthcare
AI Guide: State & Local Gov
SLED AI Prompting Guide

Cloud & Data

Cloud & Infrastructure
Backup & Disaster Recovery
AI & Automation

Security & Identity

Microsoft 365 Security
Google Workspace Security
Zero Trust Access

Modern Workforce

Virtual Desktops & Apps
Digital Workspaces
Unified Endpoint Management

Public Sector

Federal Government
State & Local Government
Education
Critical Infrastructure

Regulated Sectors

Healthcare
Financial Services
Legal
Private Equity

Industry & Operations

Manufacturing
Logistics
Hospitality

By Business Size

Large Enterprise
SMB Commercial
Startups
All Industries

Cloud & Productivity

Microsoft
Google
AWS

Data Center & Compute

Dell EMC
HPE
Hitachi
Nutanix

Virtualization & Workspace

Omnissa
Red Hat
Login VSI
TURBO.NET

Backup & Secure Files

Commvault
FileCloud
View All Partners

Read

Blog
Case Studies

Intelligence & Guides

Z7 Cyber Intelligence
AI Hub

Company

Why Z7 Solutions
The Z7 Platform
Careers
Contact Us

Federal & Contracts

Contract Vehicles
Capability Statement

Scattered Spider

Z7-TAF THREAT SCORE
0

CLASSIFICATION

CRITICAL THREAT

The Kids Who Took Down Vegas and Broke the Cloud

In September 2023, a group of teenagers and young adults, most under 25, paralyzed the Las Vegas Strip. MGM Resorts lost $100 million. Six terabytes of data vanished. And it all started with a 10-minute phone call to the help desk.

Eighteen months later, the same playbook took down Marks & Spencer for 46 days, costing over $400 million. Same attack vector. Same social engineering. Same lessons not learned.

Attacks Dissected in this report

MGM Resorts (Sept 2023)

$100M+ loss, 6TB data stolen, 10-day shutdown - Z7-BAF 8.89

Snowflake Campaign (2024)

165+ orgs breached, billions of records, AT&T/Ticketmaster - Z7-BAF 9.21

Marks & Spencer (April 2025)

$400M+ loss, 46-day outage, 9.4M customers - Z7-BAF 8.64

The uncomfortable truth

Scattered Spider doesn’t need zero-days. They don’t need advanced malware. They call your help desk, sound like a frustrated employee, and ask for a password reset. Your staff, trained to be helpful, complies. Game over.

The Snowflake campaign proved it even worse: they didn’t hack 165 companies. They used credentials stolen by infostealers in 2020 that were never rotated, on accounts that never had MFA enabled. Your ‘credential debt’ is their payday.

What's in the full intelligence report

ABOUT Z7 CYBER INTELLIGENCE

Z7 Cyber Intelligence delivers threat analysis and breach assessments used by security teams, compliance officers, and executive leadership. Our proprietary Z7-TAF and Z7-BAF frameworks provide quantified, defensible scoring that enables data-driven risk decisions.

Proprietary Methodology

Z7-TAF (Threat Actor Framework) and Z7-BAF (Breach Assessment Framework) are proprietary scoring systems developed by Z7 Solutions. Detailed scoring criteria, dimension weights, and assessment rubrics are proprietary. Complete methodology documentation is available under NDA for clients.

This page provides an executive-level preview only. Detailed analysis, scoring methodology, and proprietary frameworks are available in the full intelligence report.