Paddy Power Admits Historical Data Breach

Mobile payments, money, pounds, smartphone © Stuart Miles Shutterstock 2012

All bets are off, as criminals fleece Paddy Power of its customer records – four years ago

Paddy Power is contacting 649,055 of its customers, after the online betting firm admitted this week that its customer database was compromised in a “historical data breach.”

In fact, the breach was so “historic” that it actually took place way back in 2010, but has now only been publicly admitted to.

Long Time Ago

Paddy Power admitted the breach more than fours year after it happened, in a statement on its website.

It said that it had only become aware of the full extent of the 2010 breach in “recent months” (in May), when it took legal action in Canada in conjunction with the Ontario Provincial Police to retrieve the compromised dataset from an individual.

dropbox box leak storage security breach © higyou Shutterstock“Paddy Power is today contacting certain customers in relation to an historical data breach,” said the firm. “No financial information or customer passwords were compromised in the isolated incident and customers’ accounts are not at risk as a result.”

However, it is seems that customer names, usernames, addresses, email addresses, phone contact number, date of birth and prompted question and answer details were compromised. So everything needed for identity theft, or for the creation of personalised phishing emails.

The firm said it had tightened up its security with a £4m investment in IT security systems in recent years. It said it took its responsibilities regarding customer data extremely seriously and had kept the Irish Office of the Data Protection Commissioner updated.

“We sincerely regret that this breach occurred and we apologise to people who have been inconvenienced as a result,” said Peter O’Donovan, MD Online, Paddy Power. “We take our responsibilities regarding customer data extremely seriously and have conducted an extensive investigation into the breach and the recovered data.

“That investigation shows that there is no evidence that any customer accounts have been adversely impacted by this breach,” O’Donovan. “We are communicating with all of the people whose details have been compromised to tell them what has happened.”

Online gambling has become increasingly important to bookmakers in recent years.

Even Facebook has had the odd flutter, when it launched its first ever cash gambling app – Bingo Friendzy, back in 2012.

Are you a security pro? Try our quiz!