Paddy Power customers past and present were told of a customer data breach the operator suffered were the personal information of 649,000 customers were obtained illegally. Customers who signed up to the Irish bookmaker during 2010 and prior were victim to stolen account verification details that included names, addresses, birth dates, and even the maiden names of mothers; however personal financial information was not obtained.
Authorities have identified with the enlisted help of Paddy Power that a Canadian citizen residing in Toronto has been identified as the individual responsible for the data breach. A court order was filled and approved and the individuals IT assets were confiscated. Paddy Power in addition contacted Data Protection Commission and An Garda Síochána in regards to the stolen data and it was advised customers to “review other sites where they use the same prompted question and answer as a security measure and update where appropriate.”
Paddy Powers, Peter O’Donovan, MD Online issued the following response to customers,
“We sincerely regret that this breach occurred and we apologise to people who have been inconvenienced as a result. We take our responsibilities regarding customer data extremely seriously and have conducted an extensive investigation into the breach and the recovered data. That investigation shows that there is no evidence that any customer accounts have been adversely impacted by this breach. We are communicating with all of the people whose details have been compromised to tell them what has happened.
Robust security systems and processes are critical to our business and we continuously invest in our information security systems to meet evolving threats. This means we are very confident in our current security systems and we continue to invest in them to ensure we have best in class capabilities across vulnerability management, software security and infrastructure.”
Customers with a Paddy Power account should be advised and take necessary precautions to safeguard their personal details. Changing passwords for email accounts and online banking and financial institutions would be a great necessity to start in protecting their identities.