Contents:
BetMGM, a major player in the sports betting industry, recently reported a data breach in which the personal information of an unspecified number of customers was stolen by a threat actor.
The data breach exposed information such as names, postal addresses, email addresses, phone numbers, dates of birth, hashed Social Security numbers, account identifiers (such as player IDs and screen names) and details related to transactions with BetMGM. The company said the personal information stolen from each customer during the attack varies.
We promptly launched an investigation after learning of the matter and have been working with leading security experts to determine the nature and scope of the issue. We learned of the issue on November 28, 2022, and believe the issue occurred in May 2022. We currently have no evidence that patron passwords or account funds were accessed in connection with this issue. Our online operations were not compromised. We are coordinating with law enforcement and taking steps to further enhance our security.
Over 1.5 Million Customers Believed to Be Affected
The betting company has not yet revealed how many customers’ information was compromised in the May breach, but the likely attackers are already selling it online, explained Bleeping Computer.
BetMGM’s casino database was breached as of November 2022, according to the threat actor going by the name “betmgmhacked,” who yesterday offered the stolen data for sale on a hacking forum.
The database is inclusive of every BetMGM casino customer (over 1.5M) as of November 2022 from MI, NJ, ON, PV, and WV. Any customer that has placed a casino wager included in this database.
In a post titled “BetMGM.com Casino Database Breach,” the threat actor claims that 1,568,310 user records were stolen from BetMGM’s database.
BetMGM is a sports betting operator based in New Jersey and established in 2018. Its portfolio includes BetMGM, Borgata Casino, Party Casino, and Party Poker.
BetMGM’s press release regarding the data breach is available here.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.