Canadian Police Refuse to Identify Paddy Power Hacker: 649,000 Accounts Breached

Ontario authorities this week stated they will not be releasing the name of an individual said to have hacked some 649,000 customer accounts at Paddy Power, the UK’s third largest bookmaker.

The breach occurred in 2010 and only became public last week.

Paddy Power officials learned that some confidential customer information had been stolen from a yet-to-be-identified individual based out of Canada and that the full extent of the breach was only known after it took legal action.

Information that was breached includes customers' names, usernames, addresses, email addresses, phone numbers and dates of birth, as well as security questions and answers.  Credit card numbers were believed not to have been compromised. 

A spokesperson for the Ontario police noted that, because this is a civil matter, authorities were prevented from releasing the name of the suspected individual.  She added that no criminal charges were being pursued at this time and only Paddy Power could release such information.

News of the breach drew the ire of the Ireland government.  Paddy Power is headquartered in Ireland and is that nation’s largest bookmaker.

"I am very disappointed that it has taken until now for Paddy Power to inform its customers," said Dara Murphy, minister of state at the departments of the prime minister and foreign affairs with special responsibility for European affairs and data protection.

"Paddy Power put in place increased security measures after the breach in 2010 and I have been in touch with the Office of the Data Protection Commissioner, which met with Paddy Power representatives this week," Murphy said in a statement.

"My office and that of the Data Protection Commissioner will be working closely in relation to this matter," he said.

"It is best practice to inform the commissioner as soon as these breaches occur, and although these were not breaches of password or financial information, the data security breach code of practice should be followed at all times in order to safeguard personal information and assure customers that their data is secure," he added.

Over the past year, Paddy Power has come under intense scrutiny for a wide variety of publicity stunts that included taking wagers on the Oscar Pistorius murder trial in conjunction with the aptly named Oscars ceremony, complete with ads that read “It’s Oscar Time:  Money Back Guarantee If He Walks”.  Pistorius is a paraplegic runner.

Paddy was also internationally condemned for sponsoring former NBA player Dennis Rodman’s trips to the “Hermit Kingdom” of North Korea.

- Jagajeet Chiba, Gambling911.com