Online Casino Group Leaked Information of Over 108 Million Bets and User Data

  • 106
  •  
  •  
  • 1
  •  
  •  
  •  
    107
    Shares

Security researcher Justine Paine discovered a data leak this week from an ElasticSearch server. The leak involved over 108 million bets and user data from an online casino group. Paine discovered the leak after finding the server which had been exposed online without a password.

Some of the domains that Paine spotted in the leaky server included kahunacasino.com, azur-casino.com, easybet.com, and viproomcasino.net, just to name a few.

Unsecured Server

Companies use ElasticSearch servers to improve web apps and search capabilities. These servers should be kept secure and remain offline because they often contain companies most sensitive data. This data is usually centred around customer transactions and other personal data from users.

Analyzing the URLs

Paine analyzed the URLs found on the server and concluded that all of them were from a large company or affiliate scheme. These URLs were used to operate multiple online casino betting portals.

This one server was holding a huge amount of data. All of the domains were running online casinos where bets were placed along with other games.

Domains Linked to One Location

Not all of the domains found were owned by the same company. However, they were all registered to the same building at an address in Limassol, Cyprus. All of the companies are also using the same eGaming licence issued by the same government in the Carribean. This suggests that they are all owned by the same umbrella company.

Exposed Data

User data contained in the server included home addresses, names, email addresses, and account balances. Paine also found that around 108 million records were exposed relating to wins, deposits, and withdrawals. This withdrawal data also included payment card details.

Not all financial details have been leaked. However, it has exposed personal details of people who won large sums of money.

The server is now offline,  the company has not responded to any reports.

 

 

The following two tabs change content below.
Avatar

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]
Avatar

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Do NOT follow this link or you will be banned from the site!