Betfair customers kept in the dark over massive data theft

Online gambling firm Betfair admitted yesterday it had not informed its customers that the details of millions of credit cards were stolen in a major cyber-attack 18 months ago.
By The Newsroom
Published 1st Oct 2011, 07:00 BST

More than 3.1 million account names with encrypted security questions, 2.9 million usernames, and nearly 90,000 account usernames with bank account details were stolen in an attack in March last year.

Betfair said it did not inform customers of the attack as its security measures made the data unusable for fraudulent activity and it was able to recover the data intact.

Hide Ad
Hide Ad

A report commissioned into the theft, seen by the Daily Telegraph, was published on September 27 last year – six days after Betfair announced its intention to float on the London Stock Exchange.

Details of the attack come after Japanese computer games giant Sony revealed it had suffered two attacks on its PlayStation network in which the data of around 100 million users were stolen.

A Betfair spokesman said it decided not to disclose the attack, which it reported to the UK’s Serious Organised Crime Agency (SOCA), as it determined it was not going to impact customers.

A review of security has been concluded since the attack, he added, and Betfair’s systems have been strengthened so they now conform with best practice guidelines on the protection of customer details.

Hide Ad
Hide Ad

He said: “We have subsequently implemented all of the recommendations from the independent reports we commissioned and have done everything we can to minimise the risk of this happening again.”

Betfair confirmed it did not discover the cyber attack, believed to be from criminals based in Cambodia, until two months after it happened when a server at its Malta data centre crashed. In total, nine servers in the UK and two in Malta were affected.

As well as SOCA, the group said it had also contacted the Australian Federal Police and German authorities over the attack.

Betfair’s share price has fallen 41 per cent since it listed at 1300p last October as revenue growth has been lower than expected, while it has also suffered a string of management departures, regulatory problems and a poor performance from its start-up LMax financial exchange.

Hide Ad
Hide Ad

Chief executive David Yu and chairman Edward Wray have both recently indicated they will stand down. Mr Yu, who was the company’s former chief technology officer prior to taking over as chief executive, said in June he would not renew his contract when it expired in October 2012.