The prominent gambling firms Paddy Power and Betfair have recently reported a data breach, revealing that an unauthorized third party accessed sensitive information related to up to 800,000 customers. According to the companies’ parent organization, Flutter, the breach compromised limited betting account details, including usernames, email addresses, and IP addresses.
Flutter has reassured customers that critical information such as passwords, ID documents, and usable card or payment details remain unaffected by the breach. Nevertheless, the choice of the word ‘usable’ raises concerns about the possibility of partial payment card data being exposed. As a result, customers are advised to remain vigilant against potential phishing attacks that could impersonate official communications from Paddy Power and Betfair.
In response to the breach, Flutter has initiated a comprehensive investigation aimed at understanding the full scope of the incident. The company is collaborating with external cybersecurity experts to ensure that appropriate measures are implemented to protect customer data moving forward.
This incident is not the first data breach for Paddy Power, which had a previous significant breach where customer data went unreported for four years. However, the current response indicates a more proactive approach to notifying affected clients compared to past incidents. Customers affected by this breach have already begun receiving email notifications urging caution.