Irish bookmakers Paddy Power have revealed that 649,000 customers have been affected by a data breach that occurred over four years ago. It is reported that 120,000 of those affected are in Ireland alone.
The company insists that no financial data was accessed in the breach, which took place in 2010. The Irish Independent reports that info used to verify accounts was accessed, including names, addresses, and dates of birth.
The 649,055 customers affected represented 29pc of Paddy Power’s total online customer base in 2010.
It is understand that any user that signed up since 2010 are unaffected.
Paddy Power adds that it is contacting all affected customers and will be working on Gardaí (police) and the Data Protection Commissioner. The company released a statement today announcing that it was made aware of breach in May of this year but provided no explanation as how a breach of this volume could go undetected for nearly four years.
“The full extent of the 2010 data breach became known to the Company in recent months when it took legal action in Canada with the assistance of the Ontario Provincial Police to retrieve the compromised dataset from an individual.”
“Robust security systems and processes are critical to our business and we continuously invest in our information security systems to meet evolving threats,” said MD Online of Paddy Power, Peter O’Donovan. “This means we are very confident in our current security systems and we continue to invest in them to ensure we have best in class capabilities across vulnerability management, software security and infrastructure.”