The company faced blackmail and threats after a data breach.
A large betting company 1win has faced a serious leak of user data. According to the company's founder, the attackers managed to gain access to a part of the database containing the email addresses and phone numbers of about 100 million users.
The attack was preceded by a series of large-scale DDoS attacks, which turned out to be so powerful that even a DDoS protection provider could not cope with them. After the first wave of attacks, there were attempts to penetrate the company's infrastructure in various ways: sending viruses to employees to obtain passwords from servers, multiple attacks on the infrastructure, as well as the successful hacking of one of the merchants.
Despite the active strengthening of the information security department, the attackers discovered and exploited an existing vulnerability in the system. The hackers demanded a ransom for the stolen data, initially asking for $1 million. During the negotiations, the amount increased to $15 million, while the terms were constantly changing.
"The blackmailers decided to lay out part of the database and start information pressure to get more money," said the founder of 1win. According to him, the attackers use various methods of pressure through the media in order to cause reputational damage to the company.
The management of 1win emphasizes that at the moment the company's infrastructure is completely safe.
Earlier, specialized Telegram channels reported that on November 6, SQL dumps with the data of players and partners of the presumably online casino 1Win were found on one of the shadow forums. The total size of the published files is about 29 GB. The dumps, dated November 2, 2024, contain usernames, email addresses, phone numbers, hashed passwords, dates of birth, countries of residence, IP addresses, and other sensitive information.
Source
A large betting company 1win has faced a serious leak of user data. According to the company's founder, the attackers managed to gain access to a part of the database containing the email addresses and phone numbers of about 100 million users.
The attack was preceded by a series of large-scale DDoS attacks, which turned out to be so powerful that even a DDoS protection provider could not cope with them. After the first wave of attacks, there were attempts to penetrate the company's infrastructure in various ways: sending viruses to employees to obtain passwords from servers, multiple attacks on the infrastructure, as well as the successful hacking of one of the merchants.
Despite the active strengthening of the information security department, the attackers discovered and exploited an existing vulnerability in the system. The hackers demanded a ransom for the stolen data, initially asking for $1 million. During the negotiations, the amount increased to $15 million, while the terms were constantly changing.
"The blackmailers decided to lay out part of the database and start information pressure to get more money," said the founder of 1win. According to him, the attackers use various methods of pressure through the media in order to cause reputational damage to the company.
The management of 1win emphasizes that at the moment the company's infrastructure is completely safe.
Earlier, specialized Telegram channels reported that on November 6, SQL dumps with the data of players and partners of the presumably online casino 1Win were found on one of the shadow forums. The total size of the published files is about 29 GB. The dumps, dated November 2, 2024, contain usernames, email addresses, phone numbers, hashed passwords, dates of birth, countries of residence, IP addresses, and other sensitive information.
Source
