General

Data For Over 108 Million Users Leaked By iGaming Operator

Confidential details of more than 108 million bets had been laid open to public, including personal information of customers and their financial transactions.

Security researcher Justin Paine said the leak came as a result of an iGaming company’s faulty use of the ElasticSearch server – a high-grade search engine used by companies for data indexing and searching purposes.

The ElasticSearch server was apparently left exposed online in the absence of a password, placing in jeopardy sensitive information. Paine discovered the leak after finding out that the server was laid bare online without any form of authentication.

Web Domains May Be Operated By the Same Company

The server contained a massive pool of information that was mostly likely clustered from several web domains or affiliate sites. A larger betting company could be operating these sites and may have been responsible for the huge data leak.

Some of the URLs identified pointed to online casinos that offer betting on slot games and classic cards, as well as non-standard betting games. Among the domains discovered in the server were azur-casino.com, viproomcasino.net, kahunacasino.com and easybet.com.

Further investigation concluded that some of those domains were running under one company, while the other sites were operated by firms in a similar location in Limassol, Cyprus. These companies could be using a common iGaming license number obtained from Curacao. The findings suggested that one big entity could be operating all of them.

Data that were left exposed included users’ sensitive details such as real names, birth dates, phone numbers, home addresses, email addresses, site usernames, IP addresses and account balances.

Paine discovered around 108 million records that held confidential information in relation to current bets, deposits and withdrawals, wins and payment card details. Thankfully, the payment cards details shown in the server did not fully expose the customer’s financial details.

Mountberg Limited Issues Comment

The online portals in question have all been contacted by business technology news website ZDNet. After a few days, a spokesperson for Mountberg Limited issued a comment in response to ZDNet’s request. The company said it has taken prompt action after having been informed of the alarming data breach. It thanked Justin Paine for bringing the issue to their attention.

The massive leak poses huge risks to the users as they are now susceptible to extortion schemes, scams and other activities perpetrated by organized gangs and cyber criminals.

The leaky server is already inaccessible as of this moment, but it wasn’t clear if the owner of the server shut it down or if cloud computing company OVH implemented the necessary firewall security mechanism.

Carolyn Dutton

Carolyn is our legislation expert, with a background in law she is able to cover the current state of gambling around the world

Share
Published by
Carolyn Dutton

Recent Posts

LV Sands, Concerned About Online Competition Amid Plan to Build $6bn Casino

Summary: Las Vegas Sands chairman and CEO Rob Goldstein is concerned about the impact of…

2 months ago

Biloxi Casino Plans Advance as MGC Considers Two Venues

Summary: Tullis Gardens Hotel and the Tivoli development are in the works. The casinos would…

2 months ago

Rio Hotel & Casino Finishes Phase One of Massive Property Renovation Project

Summary: Rio Hotel & Casino has completed phase one of its multi-year property-wide renovation project.…

3 months ago

Industry Heavyweight Execs Talk Tech Future at TribalNet Conference & Tradeshow

Summary: Monday’s TribalNet Conference & Tradeshow brought together gaming industry executives who discussed the future…

3 months ago

Nevada Regulators Propose Solution for Armed Casino Security Shortage

Summary: The Nevada Gaming Control Board addressed the shortage of armed casino security following the…

3 months ago

Venetian Waiting for Final Approval for $550m Dividend Distribution

Summary: The Venetian in Las Vegas is getting ready for a massive dividend distribution. The…

5 months ago