Paddy Power admits 2010 cyber-theft breached 650,000 accounts

The betting firm confirmed that encrypted financial data such as debit card numbers was safe and added it seized the stolen data from a Canadian individual’s personal computer in May after a tip off.

Irish police and the data protection commissioner were informed of the theft which saw two court orders issued to retrieve the data.

Peter O’Donovan, managing director of online at Paddy Power, said: “We sincerely regret that this breach occurred and we apologise to people who have been inconvenienced as a result. We take our responsibilities regarding customer data extremely seriously and have conducted an extensive investigation into the breach and the recovered data.

“That investigation shows that there is no evidence that any customer accounts have been adversely impacted by this breach. We are communicating with all of the people whose details have been compromised to tell them what has happened.”

O’Donovan added: “Robust security systems and processes are critical to our business and we continuously invest in our information security systems to meet evolving threats. This means we are very confident in our current security systems and we continue to invest in them to ensure we have best in class capabilities across vulnerability management, software security and infrastructure.”

The bookmaker has been winning the hearts of social media users with quality real time ads campaigns on Twitter, while trying to retreive data stolen from customers on its database. Those affected will be contacted in the coming weeks.

The firm recognised an attack in 2010 but was unaware of any breach of data, since then it has spent 4m euros on its IT security systems.