On Monday 8 July, Flutter Entertainment confirmed that there has been a data leak at gambling sites Paddy Power and Betfair. In the process, players’ personal data was captured.
According to images circulating on social media, the data involved included usernames, e-mail addresses and the first lines of home addresses, along with the customer’s place of residence.
The company also revealed that hackers gained access to certain data about recent activity on accounts. These include technical information such as device IDs and IP addresses.
Although not all Paddy Power customers were affected, reports indicate that a sizeable group of people were affected.
In a statement, Flutter warned that so far there is no evidence that the stolen data has already been misused. Still, there is a risk that criminals could use this information to set up phishing attacks or impersonate customers.
Flutter reports that the incident has been brought under control
A spokesperson for Flutter said the incident involved personal data being stolen from some of its customers.
When the company discovered the attack, they immediately alerted the appropriate authorities and regulators. Flutter also immediately launched a major investigation, together with external digital security experts.
The hackers’ access has since been blocked. Flutter says the incident is now fully under control.
Flutter’s investigation shows that only data from widget accounts were affected. Passwords, identity documents or payment details were not stolen. All affected customers are being personally informed.
According to Flutter, the protection of customer data always comes first.
Regulators have been notified of the data breach
The incident has also been reported to the Information Commissioner’s Office and the Gambling Commission in the UK.
According to sources, the incident is now fully resolved and closed. This attack comes shortly after the British Horseracing Authority was also hit by a cyber attack.Interestingly, this kind of attack is becoming more and more common. Just last week, the top executive of department store chain Marks & Spencer said in The Times that 43% of UK businesses suffered a cyber attack in the past year.