Breach, Data Security

Poker website hack impacts 50K active accounts, officials say


Officials with World Poker Tour Amateur Poker League (WPTAPL) have confirmed that a small portion of data was hacked on its website, subsequently compromising roughly 50,000 active accounts.

In a Jan. 3 Twitter post, an individual who goes by the handle @smitt3nz claimed to have hacked the WPTAPL website to obtain a list of 175,333 plaintext passwords, several of which belong to government officials. The alleged hacker posted a link to the list.

“It's pretty much worthless information,” Kurt McPhail, president and CEO of WPTAPL, told on Monday. “[Most of] the data they obtained was old.”

McPhail said only 50,000 of the more than 175,000 listed email addresses and passwords are still active and explained that since WPTAPL is a free website, no financial information is associated with the accounts. The information cannot even be used to log into the WPTAPL accounts, McPhail added, because players have separate usernames to login.

“This is now being fixed as we speak,” McPhail said. “We're applying some patches right now and some new coding for our logins. We will be notifying [members] of what happened.”

A search through the list revealed that some users hold government positions, including with the White House and the U.S. Department of Justice. There are 46,901 accounts that have the same password – sdf7asdf6asdg8df – which @smitt3nz suggested is a default reset password.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.