Malta Gaming Authority rejects criminal activity claims after “unacceptable” hacking
A German researcher claims to have found material revealing illegal activity after hacking the MGA.
Germany.- The Malta Gaming Authority has rejected claims of criminal activity levelled by a researcher who claims to have hacked into its systems. In a statement published on Friday (March 20), the MGA said the hack was “unacceptable and incompatible with lawful engagement with public institutions and established governance frameworks” while rejecting the non-specified allegations as “unsubstantiated”.
The regulator had issued a statement last week reporting a security breach in one of its systems. While it didn’t provide details, it said it had activated internal response protocols due to an incident that it was treating “with the utmost seriousness”.
A German security researcher later claimed responsibility for hacking into the gambling regulator’s systems. Lilith Wittmann, who describes herself as an ethical hacker, posted on social media that she had gained access to records such as operator compliance files and player data including material that she claims links the MGA to organised crime in Malta’s gambling industry.
In a post on Twitter, she wrote: “Yes, we will expose the organised crime enablement schemes you created while presenting yourselves as a ‘legitimate public service’.”
She also warned that any police action in Malta would “trigger the immediate release of my entire archive of igaming-related data“.
“I am certain that the information obtained is so valuable for the public discourse that obtaining it will one day, in the not-too-distant future, be seen as a justified necessity,” she added.
The MGA said in its response on Friday: “The Malta Gaming Authority (MGA) is aware of public statements made by an individual claiming responsibility for unauthorised access to one of the Authority’s systems and making a series of allegations and threats in that context. The MGA condemns any unauthorised access to its systems and any extraction, handling or dissemination of data obtained through such activity. Such conduct is unacceptable and incompatible with lawful engagement with public institutions and established governance frameworks.
“The Authority operates within a robust legal and regulatory framework and carries out its statutory functions with integrity, independence and accountability. Allegations made in the context of unauthorised system access are unsubstantiated and do not undermine the MGA’s role as a regulator committed to transparency, due process and the rule of law.
“For more than two decades, the MGA has operated within established legal and governance frameworks, and will continue to do so. Ensuring that the Authority’s work, and the industry it regulates, operate with integrity and accountability is paramount.”
