My friend Steve Friess posted a story on his blog about a supposed "hack" at MGMGrand.com that supposedly offered illegitimate low rates to customers.
Based on the email that went out afterwords, MGM Grand handed this poorly.
Also, I agree with Steve - based on all I know from years of building Web applications for e-commerce, this sounds like BS to me... If it is true, they were likely penetrated extremely deeply, which would be even worse. Just own the mistake and honor the rates already!
Updated: Steve has more details - not a 'hack' - just a promotion that was used by those it was not intended to be offered to. Still, maybe not the best handling?