Breach, Threat Management, Data Security, Privacy

DraftKings breach impacts almost 68K customers

Nearly 68,000 DraftKings customers had their personal data compromised after a credential stuffing attack against the sports betting platform last month, according to BleepingComputer. DraftKings disclosed in a data breach notification to the Maine Attorney General's office that 67,995 individuals had their data exposed in last month's cyberattack, with customer accounts compromised using credentials obtained from a non-DraftKings source. "In the event an account was accessed, among other things, the attacker could have viewed the account holder's name, address, phone number, email address, last four digits of payment card, profile photo, information about prior transactions, account balance, and last date of password change," said DraftKings, which has already activated additional fraud alerts while resetting impacted account passwords. However, the breach notification noted that there has been no evidence to suggest the compromise of Social Security numbers, financial account numbers, and driver's license numbers. Moreover, up to $300,000 in identified stolen funds have already been restored.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.