Betfair Confirms Major Online Security BreachBetfair Customers Finally Find Out About Cyber Attack |
|
Betfair has confirmed that its site’s security was breached 18 months ago but it had not revealed this information to its customers until now, nor did the company provide details of the attack when it announced its decision to list on the London Stock Exchange.
On Mar. 14, 2010, according to The Telegraph, cyber attackers, believed to be from Cambodia, stole more than 3.1 million account names with encrypted security questions, 2.28 million encrypted payment card account numbers and details, and almost 90,000 account usernames with bank account details.
Betfair has stated that it did not realise the attack had taken place until two months later when a server at its Malta data centre went down. From there, a total of nine servers in the UK and two in Malta were affected and thereafter the company reported the crime to the UK’s Serious Organised Crime Agency. It did not however inform its customers of the attack as according to Betfair it decided they were not at risk as the company was able to recover the data intact.
The Telegraph reported that a month before the decision was made to float, Betfair received a Forensic Investigation Report concerning the theft, which stated that “Appropriate information security governance is not in place within Betfair and as a consequence the business has been exposed to significant risks”.
In the risk factors area of its prospectus however Betfair only mentioned a limited number of security breaches in the past which had not significantly affected the company’s reputation, operations, or financial performance.
Security measures have since been improved and now conform with best practice guidelines for the protection of customer details.
Copyright © 2001-2024
CardPlayer.com. All rights reserved.
