Betfair, the popular online gambling firm, has admitted that it failed to reveal details of a major cyber attack that took place on its site when it issued its flotation prospectus in September, 2010.
The attack, that occurred in March, 2010, resulted in over 3.1 million account names with encrypted security questions, 2.9 million usernames and almost 90,000 account usernames with bank account details being stolen.
One of the reasons given by Betfair for not disclosing the theft to its customers was because its security measures made any data unusable for fraudsters and that they were able to recover all data intact. The gambling firm also claimed that the Australian Federal Police and German authorities were contacted by them over the attack.
Nick Pickles of the Big Brother Watch group said “this is nothing short of a scandal and for the personal details of millions of customers to be lost is one thing, but to then fail to inform those affected is outrageous.”
A spokesman for Betfair said that they have concluded a review of their security since the attack and have subsequently implemented all the recommendations from the independent reports they commissioned in order to minimize the risk of another attack.