Flutter’s Paddy Power and Betfair brands hit by mayor cyber attack
The operator has confirmed that cyber criminals were able to access emails and account names.
UK.- New York-listed Flutter Entertainment has confirmed that its UK-facing Paddy Power and Betfair brands were hit by a mayor cyber attack. It said cyber criminals had been able to access data such as the emails and account names in an attack that affected a significant proportion of customers of the sportsbook and betting exchange.
Flutter said that the first lines of home addresses, IP addresses and some data on recent account activity on accounts had also been compromised. The most sensitive information, such as passwords, ID documents and debit card details, had not accessed, it said, and the incident has been contained with no need to suspend any customer accounts.
However the scale of the incident, which it shows the risks that cybercrime poses to the sector. There have been several cyber attacks against gambling operators in recent years, including against MGM Resorts and the New Hampshire lottery.
Flutter has around 4.2 million average monthly players across all of its brands in the UK and Ireland. The limited amount of data accessed means the operator was not obliged to inform customers, but company has chosen to do so as it believed this was the correct course of action. It has also informed the Gambling Commission and Information Commissioner’s Office, it said.
The company said in a statement: “We can confirm that our Paddy Power and Betfair businesses have suffered a data incident involving personal information for some of our customers. Immediately upon becoming aware of this incident, we informed relevant regulators and authorities and initiated a full investigation, supported by external IT security experts, to understand what happened and how we can better protect our networks and customers.
“The unauthorised access has been removed and the incident contained. Our investigation concluded that the affected information was isolated to limited betting account information. No passwords, ID documents or usable card or payment details were impacted. We are informing all affected customers. Safeguarding and securing our customers’ information is of the utmost importance to us.”
