One of the most used sports betting entities, BetMGM, disclosed a data breach attack from threat actors. Based on reports, the breach has stolen troves of data owned by numerous customers.
According to researchers, the stolen information by the attackers varies for each customer. These affected data include names, email addresses, contact information, and date of birth.
The attack also heavily affected the victims since some customers’ data, such as SSNs, account identifiers, and information related to BetMGM transactions, were also stolen by the hackers during the attack.
BetMGM claimed that the attack started last May.
The BetMGM sports betting company explained that the data breach incident was discovered by researchers last month. However, they believe the attack occurred as early as May this year.
The company has no proof that the actors accessed their users’ passwords or account funds because of the attack. In addition, their online operations were not disrupted by the incident. They also assured everyone that they have already contacted law enforcement agencies to aid them in investigating and enhancing their information security.
The company’s breach notification letters earlier this month were sent to every customer, advising them to be wary of suspicious activities and unwanted communication related to their data.
Some researchers claimed that the data breach attack against the sports betting firm could have affected more than 1.5 million customers.
The data breach operators have already been selling the stolen data online. In contrast, the betting company has yet to reveal the exact number of customers affected by the attack.
The threat actors posted a database that is for sale, titled “BetMGM.com Casino Database Breach.” The offered database allegedly came from stolen BetMGM customer information, including approximately 1.5 million user records.
Finally, the campaign also noted that the data sets include details owned by players from BetMGM casinos in Pennsylvania and New Jersey alongside the Master Casino data set with customers’ information from all states.
Cybersecurity experts advised all betting platform users, especially BetMGM customers, to be wary of phishing attempts that could lead to funding losses.
