Advertisement
Paddy Power Sam Boal/Photocall Ireland
Hacking

Had a Paddy Power account in 2010? You need to read this

The company has alerted An Garda Síochána and the Data Protection Commissioner’s office about the incident.

PADDY POWER IS contacting customers who had an account with them in 2010, after a data breach was discovered.

The company says that it contacted the gardaí and the Data Protection Commissioner’s office about the incident.

It also said:

  • No financial information or customer passwords accessed in hacking incident
  • A full investigation shows no evidence customers’ accounts adversely impacted
  • The incident was restricted to a number of customers who held an account in 2010
  • There was no impact on customers who opened accounts after this time

Paddy Power it is contacting 649,055 customers about the historical data breach.

No financial information or customer passwords were compromised in the isolated incident and customers’ accounts are not at risk as a result.

It said that the full extent of the 2010 data breach became known to the company in recent months “when it took legal action in Canada with the assistance of the Ontario Provincial Police to retrieve the compromised dataset from an individual”.

Paddy Power takes its responsibilities regarding customer data extremely seriously and it is deeply regrettable that this breach happened.

Data

According to the company, the historical dataset contained:

  • The individual customer’s name
  • Username
  • Address
  • Email address
  • Phone contact number
  • Date of birth
  • Prompted question and answer

Customers’ financial information such as credit or debit card details has not been compromised and is not at risk. Account passwords have also not been compromised.

“Paddy Power’s account monitoring has not detected any suspicious activity to indicate that customers’ accounts have been adversely impacted in any way,” it said.

What would the information allow?

The accessed information alone would not have been sufficient to grant access to a Paddy Power customer account and this incident has no impact on customers who opened accounts after 2010.

Customers are being advised to review other sites where they use the same prompted question and answer as a security measure, and update where appropriate.

“We sincerely regret that this breach occurred and we apologise to people who have been inconvenienced as a result,” said Peter O’Donovan, MD Online, Paddy Power.

“We take our responsibilities regarding customer data extremely seriously and have conducted an extensive investigation into the breach and the recovered data.”

He added the the company continuously invests in its information security systems to meet evolving threats, which means it is “very confident” in its current security systems.

Read: UPDATE: Paddy Power did not cut down a single Amazonian tree>

Your Voice
Readers Comments
31
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.