The online gambling platform is known as ‘SuperCasino’ has experienced a data breach that exposed sensitive information belonging to its customers. The incident came to light after several registered users received an email from SuperCasino which informed them about the leak. The organization claims that the people’s financial details such as credit cards, payment information, and any other documents that were uploaded in the context of the user identity authentication have not been accessed by the hackers. The same applies to the user passwords that have apparently remained uncompromised.
Looks like there's been a #DataBreach at SuperCasino and other affiliate sites too #InfoSec pic.twitter.com/3zK9LXRSea
— Gary Hoffman (@PortUnreachable) January 26, 2020
According to the organization’s internal investigation, the information that has been accessed by the hackers includes names, usernames, email addresses, telephone numbers, residential addresses, the date of the user’s registration, and some unrelated and non-useful internal activity data. As such, SuperCasino claims that while they had a duty to report this, there’s nothing that the users should worry about. Still, they are urging the recipients of the email to reset their password, and do the same on other online platforms if they are using the same credentials elsewhere too. That is, of course, to help the compromised individuals stay safe against credential stuffing actors.
The users are now at risk of getting scammed, as the hackers know their real names, telephone numbers, and email addresses. That said, if you receive an SMS or email claiming that you need to change your password or payment method, don’t click on any links that are in there. Just visit SuperCasino directly, reset your password right on the platform, and disregard any other messages that you may receive from now on. Remember, malicious actors could use this incident as a chance to trick you, so you may receive a message that looks legitimate, uses the SuperCasino logo, and requests you to reset passwords supposedly in response to this incident.
The company claims to be using 128-bit SSL encryption to secure the user’s passwords and financial details, so even if they aren’t entirely transparent about what has been accessed by the hackers, this information should be safe anyway. Almost exactly a year ago, several online casinos have exposed 108 million bets and the user details associated with them after leaving an ElasticSearch database accessible by anyone online. That said, if you enjoy gambling on online casinos, be very careful with how and where you do it as you may lose more than your virtual bets.