Breached: Hackers Stole Customer Information in 2010, Paddy Power Now Acknowledges

Personal details of over 649,000 customers was stolen in 2010, thanks to a massive data breach at Paddy Power. Paddy Power is the third largest sports book in Europe.

The stolen data includes names, addresses, dates of birth, and even the maiden names of mothers. Paddy Power used that information to verify account details. Only bettors who joined Paddy Power online service before 2011 are affected.

Paddy Power claims the stolen data does not include any personal financial information.

The sports book has only this afternoon confirmed the huge incursion to its systems, which occurred in 2010. They have not given a reason why they waited until now to tell customers that their personal information was stolen.

It’s believed Paddy Power was aware in 2010 that its computers had been compromised. They performed a security audit and updated its technology infrastructure.

There are rumors circulating that the company was approached by a third party who claimed that a person in Canada was in possession of personal details of Paddy Power customers.

Paddy Power has begun legal proceedings in Ontario to take possession of computer equipment owned by the person who was holding the Paddy Power data, believed to be living in Toronto.

“We sincerely regret that this breach occurred and we apologize to people who have been inconvenienced as a result,” said Peter O’Donovan, MD Online, Paddy Power.

“We take our responsibilities regarding customer data extremely seriously and have conducted an extensive investigation into the breach and the recovered data. That investigation shows that there is no evidence that any customer accounts have been adversely impacted by this breach. We are communicating with all of the people whose details have been compromised to tell them what has happened.

“Robust security systems and processes are critical to our business and we continuously invest in our information security systems to meet evolving threats. This means we are very confident in our current security systems and we continue to invest in them to ensure we have best in class capabilities across vulnerability management, software security and infrastructure,” he added.