We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
RSS FeedTechnology

Betfair hides credit card data hack from customers


More than three million customers affected by attack

Article comments

Sports betting exchange Betfair failed to notify customers of a massive credit card data theft 18 months ago, it has been revealed.

According to the Daily Telegraph, the company disclosed in an internal report that between 28 March 2010 and 9 April 2010, cyber criminals stole 3.15 million account usernames with encrypted security questions, 2.9 million usernames with one or more addresses and 89,744 account usernames with bank account details.

Customer accounts that existed at 1 February 2010 were affected, yet Betfair made no move to inform customers of the breach because it decided that there was “no risk to customers”.

“Eighteen months ago we were subject to an attempted data theft. Because of our security measures the data was unusable for fraudulent activity and we were able to recover the data intact.

“At the time, we contacted all the relevant authorities and worked closely with them regarding this matter and it was established that there was no risk to customers,” the company said in a statement.

The authorities that Betfair was forced to inform included the UK Serious Organised Crime Agency (SOCA), the German law enforcement agencies, and the Australian Federal Police. It also notified the Royal Bank of Scotland, which was responsible for accepting card payments made via Betfair.

The incident, described in an internal report called ‘Project Brazil Progress Report’, called into question Betfair’s security monitoring systems, as it did not discover the breach for two months after the initial attack. Hackers breached the company’s systems on 14 March 2010, but it was only a server crashing at a data centre in Malta that alerted the company to the attack.

According to the Daily Telegraph, a report on the crime by consultants Information Risk Management described Betfair’s IT security as insufficient.

“Information security was not implemented in accordance with best practice.

“Appropriate information security governance is not in place within Betfair and as a consequence the business has been exposed to significant risks,” the report stated.

Meanwhile, Betfair said that it has now implemented all of the recommendations from independent reports it commissioned into the crime, and that it has "done everything we can to minimise the risk of this happening again." 

Earlier this year, Betfair launched a customer commitment charter setting out 14 promises to customers about the quality of its services, including technology.

One of the promises included ensuring the security of its site and customer data, and to protect customers’ money by keeping it separate from the company’s funds.

The company publishes a progress report against each of the commitments every three months, starting from 1 August.

Share:

Recommended Articles

Comments

Betfair hides credit card data hack from customers
Technology

How new technologies are transforming finance

How new technologies are transforming finance

CFOs, once sceptical about technology, are now among its biggest supportersmore ..


Boris Johnson: London will have 5G by 2020

Network to be deployed with University of Surreymore ..

Customers should be allow to sell on 'their' data, says ICO

“Big data is not a game that is played by different rules” says the Information Commissioners Officemore ..

'Nadella Effect' makes Ballmer $2.8bn richer

And since Thursday's downsizing, CEO Satya Nadella has an extra $1.3M in his portfoliomore ..

What does your perfect datacentre look like?

The financial impact of rising energy bills is a headache for companies toomore ..

What UK business needs to do now with big data

In the final of a three-part series, we look at the potential for companies to become victims in the battle for big datamore ..

Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.



In Depth
Can finance rise to the challenge of major transformation?

Can finance rise to the challenge of major transformation?

Outdated finance processes, systems and competencies leave too many questions unanswered more ..

In Depth
Interim CFO or consultant? The pros and cons

Interim CFO or consultant? The pros and cons

Ed Harding offers an insight into the life of an interim CFO and the advantages in driving transformation more ..

Advertisement

* *