Threat actors are now targeting online betting platforms and casinos since two mainstream casino sites have been targeted and hacked within a brief period.
MGM Resorts owns BetMGM. In May 2022, MGM Resorts had 142 million customer records leaked on Telegram from the 2020 breach; BetMGM is the latest to suffer a data breach.
BetMGM is an online sports betting platform that suffered a data breach recently, resulting in the leaning of data of 1.57 million of its customers. As seen by Hackread.com, the attacker placed the stolen database up for sale the same day on BreachedForums, a cybercrime and hacking forum that surfaced as an alternative to the now-seized Raidforums.
In their post, the attacker claimed the database contained records dating from November belonging to every customer who had placed a casino wager. The message was posted on December 21st, 2022. The hacker also shared data samples. However, it wasn’t clarified how much they demanded to sell the database.
“We breached BetMGM’s casino database current as of Nov 2022. The database is inclusive of every BetMGM casino customer (over 1.5M) as of November 2022 from MI, NJ, ON, PV, and WV. Any customer that has placed a casino wager is included in this database,” the hacker said.
On the other hand, BetMGM confirmed the attack by posting a statement on its website on the same date, i.e. December 21st, 2022. The statement revealed the hackers gained unauthorized access to its system and stole patron records.
The company revealed that it detected a data breach on November 22 and suspects that the intrusion occurred in May 2022.
What Data Was Stolen?
According to BetMGM, the stolen data includes names, postal addresses, email IDs, phone numbers, dates of birth, account identifiers, hashed Social Security Numbers, and transactions-related information of its customers.
The data “varied by patron,” the company stated, adding that so far, there’s no evidence that passwords and account funds were accessed. The company still urges its customers to change passwords and has promised to offer impacted customers free identity restoration and credit monitoring services for up to two years.
Another online sports betting platform, DraftKings, has become the target of hacking lately and has lost the private data of 68,000 customers. The company became a victim of a credential stuffing attack where the attackers used previously leaked credentials to access DraftKings’ user accounts and steal personal data.
The hackers also withdrew funds from victims’ accounts. It is worth noting that the company’s cofounder Paul Liberman has confirmed the attackers stole $300,000 from victims’ accounts. The incident occurred in November.
DraftKings stated that it would restore the stolen funds and sent notification letters to affected customers on Friday, informing them about the leaking of their data.
“Based on our investigation to date, we believe that attackers may have previously gained access to your username or email address and password from a non-DraftKings source and then used those credentials to access your DraftKings account,” the letter read.
What Data was Exposed?
According to DraftKings, the personal information compromised in this breach can include customer names, phone numbers, addresses, email IDs, account balances, profile photos, previous transaction information, last password change date, and the last four digits of their payment cards.
However, there wasn’t any evidence that hackers stole Social Security Numbers, financial account numbers, and driver’s license numbers. DraftKings urged customers to change their account credentials and reset passwords immediately.
“We have restored amounts that have been withdrawn from certain accounts in connection with credential stuffing attacks, as determined and identified by DraftKings,” the company stated.