An online casino and sportsbetting firm is reportedly under fire this week after a recent security failure potentially left the personal details of its players as well as financial information on approximately 108 million wagers open to hackers and fraudsters.
Mountberg Limited chided:
According to a Monday report published by the ZDNet.com online news service of American media giant, CBS Corporation, operator Mountberg Limited may have inadvertently exposed the names, locations, birth dates and telephone and e-mail addresses of its customers due to its internal server being left exposed without a password.
ZDNet.com reported that the failure of the Cypriot operator’s, ElasticSearch server, could have also resulted in the revelation of its players’ IP addresses, account balances, login information and browser and OS details alongside more sensitive data pertaining to wagers, withdrawals, deposits and payment methods.
The news service reported that Mountberg is responsible for numerous iGaming domains including KahunaCasino.com, VIPRoomCasino.net, EasyBet.com and Azur-Casino.com and that it remains ‘unclear’ as to how long the server had been left exposed.
‘Partially redacted’ optimism:
On a brighter side, ZDNet.com added that all payment card information allegedly left exposed by the lack of a password on the operator’s ElasticSearch server had been ‘partially redacted’ so as not to have exposed the full breath of any individual user’s financial details. But, the news service declared that fraudsters may still have been able to exploit the supposed breach in order glean data in order to illicitly target players that had recently won ‘large sums of money.’
Impacted server down:
It remains unclear as to whether Mountberg has informed its customers about the supposed botched security issue although it detailed that the affected server has since been taken offline by French cloud computing firm, OVH.