Paddy Power and Betfair Confirm Leak of Players’ Personal Data

Hackers gained access to usernames, email addresses, first line of addresses, cities of residence, as well as technical data (device IDs, IP addresses) of Paddy Power and Betfair customers. The affected users were mainly from the UK and Ireland, the parent company Flutter reported.

According to Flutter, the parent company of Paddy Power and Betfair, a data breach has exposed the personal information of their customers. Fortunately, no financial information, identifying papers, or passwords were obtained in the incident, according to a statement from Flutter.

However, Flutter has shown that information such as usernames, emails, contact details, the first line of their address, and their town or city may have been stolen in emails addressed to clients of the two well-known predominantly sports betting operators and trusted online betting sites that have been shared on social media.

As soon as the problem was discovered, the appropriate authorities and regulators were notified, and a thorough investigation was started with the help of outside IT security specialists to find out what went wrong and how Flutter networks and users could be better safeguarded. The situation has been contained, and the unauthorized access has been eliminated. Flutter thinks the intrusion has been controlled and is now over, having notified the Information Commissioner’s Office (ICO) and the Gambling Commission (UKGC) about it.

Similar Attacks Occurred in UK Recently

Only a month has passed since the British Horseracing Authority (BHA) was the subject of a cyberattack that affected its internal systems and data, which was followed by the data breaches at Betfair and Paddy Power.

Also, the Co-op’s supermarkets and funeral services were attacked in April, while Marks & Spencer experienced a major cyber breach this year that locked the retailer’s computers and affected sales for six weeks, causing damage of £300 million.