Hundreds of thousands of players can become victims of mass fraud.
Confidential user data, including home addresses and amounts of money spent on gambling, has been leaked at one of the largest online casinos in Mexico. Apparently, the data was compromised by unauthorized persons.
The Cybernews research team found that the Mexican online casino Strendus shared access to 85 GB of its authentication logs, which contain hundreds of thousands of entries with players ' personal data. The open database also contained data from another online casino, MustangMoney.
Strendus disclosed such data as: user logins, names, government identification numbers( CURPS), phone numbers, email addresses, home addresses, dates of birth, gender, KYC status, IP addresses used to register and log in to the account, amounts of deposits and withdrawals, as well as notes about users made by administrators and support staff.
In the Elasticsearch database, the researchers found 16 indexes called " hacked[_id]", which are probably signs of compromise (IoC). For example, this may be a sign of unauthorized access to logs.
Open access to the data has existed since March 8, 2023. Despite the fact that the researchers reported the problem to the platform owner on April 7, the database remained open until mid-October. Strendus did not comment on the situation.
Disclosure of CURP numbers in combination with other personal information can be used to open bank accounts or make unauthorized changes to government websites. Detected phone numbers can be used for spam, malware attacks, and SIM spoofing, while leaking IP addresses increases the risk of local network hijacking.
Confidential user data, including home addresses and amounts of money spent on gambling, has been leaked at one of the largest online casinos in Mexico. Apparently, the data was compromised by unauthorized persons.
The Cybernews research team found that the Mexican online casino Strendus shared access to 85 GB of its authentication logs, which contain hundreds of thousands of entries with players ' personal data. The open database also contained data from another online casino, MustangMoney.
Strendus disclosed such data as: user logins, names, government identification numbers( CURPS), phone numbers, email addresses, home addresses, dates of birth, gender, KYC status, IP addresses used to register and log in to the account, amounts of deposits and withdrawals, as well as notes about users made by administrators and support staff.
In the Elasticsearch database, the researchers found 16 indexes called " hacked[_id]", which are probably signs of compromise (IoC). For example, this may be a sign of unauthorized access to logs.
Open access to the data has existed since March 8, 2023. Despite the fact that the researchers reported the problem to the platform owner on April 7, the database remained open until mid-October. Strendus did not comment on the situation.
Disclosure of CURP numbers in combination with other personal information can be used to open bank accounts or make unauthorized changes to government websites. Detected phone numbers can be used for spam, malware attacks, and SIM spoofing, while leaking IP addresses increases the risk of local network hijacking.
