Churchill Downs wagering site hacked

TwinSpires.com, the wagering site for customers of the Louisville, Ky.-based Churchill Downs racetrack, was hacked, exposing the personal information of account holders.

How many victims? Churchill Downs has yet to disclose the number, though a spokeswoman told The Courier-Journal, located in Louisville, that less than 20 percent of its customers had their information compromised.  

What type of personal information? Names and encrypted Social Security numbers, birth dates and email addresses of account holders.

What happened? In a letter, the company said an intrusion into the computer records of TwinSpires.com occurred, exposing customers information, and that an investigation was immediately launched. A Churchill Downs spokeswoman did not immediately respond to a request for comment from SCMagazine.com.

What was the response? Churchill Downs set up a privacy hotline to address questions about the incident, and also offered one year of free credit monitoring services to affected individuals. Customers were notified of the breach in a letter.

Details: The breach occurred on Aug. 3, and the letter sent out to customers was dated Aug. 31. The company is also working with outside experts who will help them monitor ongoing operations of the site to ensure security.

Source: courier-journal.com, The Courier-Journal, “Churchill Downs Inc.'s TwinSpires.com announces security breach,” Sept. 4, 2012.