Unsecured database leaks WinStar app customer data

TechCrunch reports that Oklahoma-based casino and hotel resort WinStar had its customers' sensitive data inadvertently leaked by an exposed database owned by Nevada software startup Dexiga, which developed the casino resort giant's My WinStar app. Information included in the database, which was immediately secured by Dexiga, were individuals' full names, home and email addresses, and phone numbers, according to cybersecurity researcher Anurag Sen. Further examination by TechCrunch revealed all of the leaked details, including gender and devices' IP addresses, were unencrypted although birthdates were noted to have been redacted. Moreover, details of Dexiga founder Rajini Jayaseelan were also included in the exposed data. Such an incident has been attributed by Dexiga to a log migration last month, with the startup noting that all information in the database was "publicly available" and not sensitive. "We are further investigating the incident, continue to monitor our IT systems, and will take necessary future actions accordingly," said Dexiga, which did not specify whether WinStar had already been informed regarding the accidental data leak.