Online Casino Players Warned After a Potential Security Breach
A disastrous security failure from an online casino and sportsbetting firm could have exposed the personal details of its users, as well as the financial information on approximately 108 million wagers. Should the reports be true, then hackers and fraudsters will be looking to gain access to the information.
Strong Criticism for Mountberg Limited
ZDNet.com is the online news service of CBS Corporation and last week it reported that Mountberg Limited is the party responsible for the breach. Reports indicate that the operator could have accidentally exposed sensitive personal information including the name, location, birth dates, telephone, and e-email address of its customers. This leak is the consequence of an internal server being left without a password.
Potential for Financial Information Too
According to the report from ZDNet.com, the failure of the operator’s ElasticSearch server may also have exposed a host of other information including: IP addresses, account balances, login information, and sensitive information related to payment methods, wagers, withdrawals and deposits. There will also have been information about the browser and OS used by the players.
Responsible for Many Domains
Mountberg is reportedly responsible for a range of iGaming domains including KahunaCasino.com, VIPRoomCasino.net, EasyBet.com and Azur-Casino.com. According to the reports, it is not yet clear how long the vulnerability was live.
Hopes for “Partially Redacted” Information
ZDNet.com reported that payment card information was stored “partially redacted” leaving a glimmer of hope for those affected that all of their information was not exposed. While this offers some hope, the news service also explained that bad parties will be able to use the rest of the information to illicitly target those players who had won “large sums of money” on one of the domains.
Impacted Server Taken Offline
There is still no news as to whether Mountberg has informed its affected customers or not, but it has been explained that the affected server has been taken offline by OVH, the French cloud computing firm.