NewsOnline Security

BetMGM Data Breach – CyberCriminals Start Their Own Bets with Victims’ Data

Sports have their own taste of excitement, especially when fans are betting on their winning team or player. However, when threat actors are involved, fans turn into victims, and their betting habits turn to beneficial data to harvest. That’s exactly the case with leading sports betting firm, BetMGM, which recently disclosed a data breach.

Betting is fun, especially when individuals are hardcore fans of the sport, and BetMGM has made the process very easy. Apparently, threat actors noticed the platform’s popularity and decided to prey on it.

Now, stolen personal information belonging to an undisclosed number of customers is being sold on hacking forums. What is this breach all about? How is BetMGM handling it? Find out below.

BetMGM Breached – Betting Starts at 1,569,310 User Records

Data breaches have become pretty common, especially in 2022. While attacks that include ransomware and other forms of malware reached a new high last year, 2022 comes to a close with several notable cyberattacks.

In fact, a week ago, none other than Fubo TV suffered the same fate, and users were prohibited from streaming the semifinal between Morocco and France.

We’re highly convinced that most soccer fans used the platform to place their bets during the World Cup. In other words, imagine how much personal information was submitted in that period.

BetMGM released a statement on December 21st, 2022, addressing that their patron records were obtained in an unauthorized manner.

The stolen data includes names, email addresses, postal addresses, phone numbers, account identifiers, and so much more:

We believe that your information was contained in these records, which may have included details such as name, contact information (such as postal address, email address and telephone number), date of birth, hashed Social Security number, account identifiers (such as player ID and screen name) and information related to your transactions with us.

The betting platform did not disclose how many users were impacted, but apparently, the threat actors did that task on its behalf.

According to the hacking forum where the data is posted, the individual behind this attack claims to have stolen 1,569,310 user records.

“We breached BetMGM’s casino database current as of Nov 2022,” says the threat actor named ‘betmgmhacked’ who put up the stolen information for sale on a hacking forum yesterday.

The database is inclusive of every BetMGM casino customer (over 1.5M) as of November 2022 from MI, NJ, ON, PV, and WV. Any customer that has placed a casino wager included in this database.”
BetMGM Data Post

The New Jersey-based platform is one of the biggest betting services in the United States and even the world.

If the stolen records were to fall into the wrong hands (Another threat actor purchases them), more malicious practices might occur. We’re talking about phishing scams and the like.

Fans “Bet” Off More than They Can Chew

Threat actors are always waiting for the right opportunity to strike and harvest your data. Companies that users entrust their data to should implement the right tools to protect it.

Cybercrime is on the rise, and threat actors don’t seem to be stopping anytime soon. Make sure to protect your systems and apply the necessary precautions. That way, you’ll at least avoid this predicament.

Jonathan Beesly

Jonathan is the main author at Anonymania.com. He regularly publishes posts that aim to introduce better cyber-security practices to the masses.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Articles

Back to top button