Tuesday, 22 January 2019

Online Casino Groups Leak User Details and Info on over 108M Bets


An online casino group has leaked information on over 108 million bets and customers’ personal information.

According to technology news site ZDNet, the data was leaked from an ElasticSearch server that was left without a password.

ElasticSearch is a search engine that is used by companies to improve their web apps’ data indexing and search capabilities. It usually handles the company’s most sensitive information and shouldn’t be left exposed and without a password.

The server was eventually found by security researcher Justin Paine last week who immediately reported the news ZDNet. After discovering it, Paine realised that it contained data from several online casinos including customers’ real names, home addresses, phone numbers, email addresses, birth dates, site usernames, IP addresses, account balances, browser and OS details, login information and a list of played games.

In addition to this, Paine discovered that around 108 million records containing information about bets, wins, deposits and withdrawals had leaked too. Information related to customers’ withdrawals and deposits were also included such as debit and credit card details.

Luckily, the payment details listed in the ElasticSearch server were partially redacted so didn’t fully expose the customers’ financial details.

Since the server possessed information aggregated from multiple web domains, it’s thought the information came from an affiliate scheme or from a larger company operating the casinos.

Which Casinos Were Affected?

Many of the domains that Paine spotted in the server came from kahunacasino.com, azur-casino.com, easybet.com, viproomcasino.net and others. Most of the domains affected are owned by the same company but others are owned by different companies located in the same building in Limassol, Cyprus.

All of the domains affected possess a license issued by the government of Curacao, a small island in the Caribbean. However, the websites do not possess a license from the UK Gambling Commission, which is why we wouldn’t recommend them as they fail to adhere to the Commission’s security and safety rules.

Meanwhile, ZDNet has reached out to the online casinos involved in the leak but have yet to receive a response. However, the ElasticSearch server has since gone offline.

Speaking to ZDNet about the server’s closure, Paine said: “It’s down finally. Unclear if the customer took it down or if OVH firewalled it off for them.”

ZDNet points out that since none of the affected companies have responded for comment, it’s unclear how long the server remained up, how many users have been impacted and whether the customers ever got notified that their personal details had been leaked.