Betfair Scandal: Critical Credit Card Hacking Data Withheld From Players

The world’s largest betting exchange, Betfair, has found itself in the middle of a major scandal that resulted in the firm’s Head of Security stepping down.

More than three million customers were affected by a massive credit card hacking scheme.  The company made the situation worse by failing to advise customers.  The hacking incident in question occurred over 18 months ago.

The Daily Telegraph reported that “between 28 March 2010 and 9 April 2010, cyber criminals stole 3.15 million account usernames with encrypted security questions, 2.9 million usernames with one or more addresses and 89,744 account usernames with bank account details.”

The company issued this statement:

“Eighteen months ago we were subject to an attempted data theft. Because of our security measures the data was unusable for fraudulent activity and we were able to recover the data intact.

“At the time, we contacted all the relevant authorities and worked closely with them regarding this matter and it was established that there was no risk to customers.”

The Daily Telegraph reported that an independent consulting firm, Information Risk Management, referred to Betfairs internal security as “insufficient”. 

“Information security was not implemented in accordance with best practice.

“Appropriate information security governance is not in place within Betfair and as a consequence the business has been exposed to significant risks,” the report stated.

- Aaron Goldstein, Gambling911.com