Poker website hack impacts 50K active accounts, officials say

Share this article:

Officials with World Poker Tour Amateur Poker League (WPTAPL) have confirmed that a small portion of data was hacked on its website, subsequently compromising roughly 50,000 active accounts.

In a Jan. 3 Twitter post, an individual who goes by the handle @smitt3nz claimed to have hacked the WPTAPL website to obtain a list of 175,333 plaintext passwords, several of which belong to government officials. The alleged hacker posted a link to the list.

“It's pretty much worthless information,” Kurt McPhail, president and CEO of WPTAPL, told on Monday. “[Most of] the data they obtained was old.”

McPhail said only 50,000 of the more than 175,000 listed email addresses and passwords are still active and explained that since WPTAPL is a free website, no financial information is associated with the accounts. The information cannot even be used to log into the WPTAPL accounts, McPhail added, because players have separate usernames to login.

“This is now being fixed as we speak,” McPhail said. “We're applying some patches right now and some new coding for our logins. We will be notifying [members] of what happened.”

A search through the list revealed that some users hold government positions, including with the White House and the U.S. Department of Justice. There are 46,901 accounts that have the same password – sdf7asdf6asdg8df – which @smitt3nz suggested is a default reset password.

Share this article:

Sign up to our newsletters

More in News

Report: SQL injection a pervasive threat, behavioral analysis needed

Report: SQL injection a pervasive threat, behavioral analysis ...

Long lag times between detection and resolution and reliance on traditional methods impair an organization's ability to combat SQL injection attacks.

WhatsApp bug allows for interception of shared locations

Researchers identified a vulnerability in WhatsApp that could enable an attacker to intercept shared locations using a man-in-the-middle attack, or a rogue access point.

Google tweaks its terms of service for clarity on Gmail scanning

The company is currently dealing with a lawsuit that challenges its email scanning practices.