Paddy Power admits 2010 cyber-theft breached 650,000 accounts
Irish bookmaker Paddy Power has admitted personal data from 650,000 accounts registered before 2011 was stolen four years ago during a cyber-attack upon its database.
Paddy Power's online engages viewers in a conversational way
Pre-2011 accounts were breached with data including customers' names, usernames, addresses, email addresses, phone numbers and dates of birth, as well as security questions and answers, stolen.
The betting firm confirmed that encrypted financial data such as debit card numbers was safe and added it seized the stolen data from a Canadian individual’s personal computer in May after a tip off.
Irish police and the data protection commissioner were informed of the theft which saw two court orders issued to retrieve the data.
Peter O’Donovan, managing director of online at Paddy Power, said: “We sincerely regret that this breach occurred and we apologise to people who have been inconvenienced as a result. We take our responsibilities regarding customer data extremely seriously and have conducted an extensive investigation into the breach and the recovered data.
“That investigation shows that there is no evidence that any customer accounts have been adversely impacted by this breach. We are communicating with all of the people whose details have been compromised to tell them what has happened.”
O’Donovan added: “Robust security systems and processes are critical to our business and we continuously invest in our information security systems to meet evolving threats. This means we are very confident in our current security systems and we continue to invest in them to ensure we have best in class capabilities across vulnerability management, software security and infrastructure.”
The bookmaker has been winning the hearts of social media users with quality real time ads campaigns on Twitter, while trying to retreive data stolen from customers on its database. Those affected will be contacted in the coming weeks.
The firm recognised an attack in 2010 but was unaware of any breach of data, since then it has spent 4m euros on its IT security systems.