30-second summary
- Elastic Search server was left without password
- Names such as kahunacasino.com and eastbet.com are affected
- Slots and classic cards are thought to be most at risk
- Group based in Cyprus and Curaçao
Serious security error
Despite recent regulations such as GDPR and a whole host of regulators issuing fines for improper storage of data, yet another massive breach has occurred. This time, it is thought that information on around 108 million bets was exposed on a server before it was taken down.
How could this happen?
The server belongs to a casino group based in Cyprus and Curaçao (a Caribbean Island) who used the Elastic Search server. According to ZDNet, they believe it had been left unprotected, confirming that little was done to ensure its security. It didn’t even have a password. They think this previously undetected breach could trigger a leaking of data.
At the moment, online gambling is limited to sports betting in Cyprus, which has a number of land-based casinos.
Over in Curaçao, the Gaming Control Board (GCB) has announced that it would like online gambling to be included in its oversight, rather than having its powers confined to land-based operations. Such changes to cover online gambling have been long overdue, and board members hope that they can have more power in dealing with “illegal providers” and protect consumers.
What was leaked?
Names, emails, phone numbers, physical addresses and other personal information such as birthdays, account balances, operating systems, and IP addresses were leaked, along with information about games played and time of the last log-in. All of this information was found to be linked from the consumers’ current bets, deposits, withdrawals, and wins.
Fortunately, a security researcher, Justin Paine, came across the exposed server. He discovered the momentous error and, when he came across the data, he determined that it was from an online betting group that has multiple websites, including domains such as kahunacasino.com, azur-casino.com, easybet.com, and viproomcasino.net.
What was affected?
Online games like “slots” and “classic cards” were affected for an unknown period. Several companies were involved, and some have even been found to be operating under the same license number issued by the Curaçao government, while others are reportedly housed in the same building of a Cyprus address.
ZDNet sought comment from the online portals but didn’t receive a reply. However, there was relief that the server went offline. Paine commented, “It’s down finally. Unclear if the customer took it down or if [cloud provider] OVH firewalled it off for them.”