Confidential details of more than 108 million bets were laid open to the public, including customers' personal information and their financial transactions.
Security researcher Justin Paine said the leak resulted from an iGaming company's faulty use of an Elasticsearch server, a high-grade search engine that companies use to index and search data.
The Elasticsearch server was apparently left exposed online without a password, placing sensitive information in jeopardy. Paine discovered the leak after finding that the server was reachable online without any form of authentication.
The server contained a massive pool of information that was most likely aggregated from several web domains or affiliate sites. A larger betting company could be operating these sites and may have been responsible for the huge data leak.
Some of the URLs identified pointed to online casinos that offer betting on slot games and classic cards, as well as non-standard betting games. Among the domains discovered in the server were azur-casino.com, viproomcasino.net, kahunacasino.com and easybet.com.
Further investigation concluded that some of those domains were running under one company, while the other sites were operated by firms in a similar location in Limassol, Cyprus. These companies could be using a common iGaming license number obtained from Curacao. The findings suggested that one big entity could be operating all of them.
The exposed data included users' sensitive details such as real names, birth dates, phone numbers, home addresses, email addresses, site usernames, IP addresses and account balances.
Paine discovered around 108 million records that held confidential information about current bets, deposits and withdrawals, wins and payment card details. Thankfully, the payment card details stored on the server did not fully expose customers' financial details.
The online portals in question have all been contacted by business technology news website ZDNet. After a few days, a spokesperson for Mountberg Limited issued a comment in response to ZDNet's request. The company said it had taken prompt action after being informed of the alarming data breach. It thanked Justin Paine for bringing the issue to its attention.
The massive leak poses huge risks to the users as they are now susceptible to extortion schemes, scams and other activities perpetrated by organized gangs and cyber criminals.
The leaky server is now inaccessible, but it isn't clear whether the owner of the server shut it down or whether cloud computing company OVH implemented the necessary firewall security mechanism.