There is the dataminer's full explanation of what has happened here.
Even though this was discovered almost 24 hours ago the software is still operating and Bodog has said nothing. We know they are reading these forums...
I see, screen names are gone, but what is happening is that each client is being sent the Bodog ACCOUNT NUMBERS of every other player at "your" table. This is WORSE than others being able to see your screen name, as the account number is one of the secure fields used to log in to an account. It would be like casinos displaying my account number on the scoreboard of things like MPV tournaments. I have to admit, some MGS casinos actually DO this when they set up the alias for you, but mostly it seems to be naive players choosing their account numbers as their alias.
The account number issue here would seem to render all PAST data mining worthless, as it is based on screen names, but unbeknown to players, a fresh start could be made by tracking based on these account numbers.
Bodog are also accused of lying in their "spin" by indicating that this kind of hack could not even happen because the "data is not even sent to the client" and so it could never be intercepted.
It was easily spotted that these numbers were account numbers with the digit "1" added to the end by their programmer sitting down at the table, and comparing his own anonymised ID against his login, revealing the formula used by Bodog.
They finish off by arguing that the end result is WORSE than before, because the victims of the pro players have been lulled into a false sense of security, whereas before they KNEW they could be identified by their screen name, and tracked, even if they were unaware of how it was done, and by whom, or how much of an advantage it gave the pro players.
It seems the "party cracker" has been around for a while, so players there have been falsely believing they were completely anonymous to the "sharks", when in fact they were often "easy prey".
It seems odd that this company have decided to blow the whistle, rather than develop and sell "Bodog cracker" for profit, even though data mining poker hand histories is their business, and anything that stops this could drive them out of business. It seems THEY are "up to something" too, and have decided to sacrifice a potential "Bodog cracker" money making venture in order to gain some moral high ground that they probably hope will give them an even better opportunity later on.
It could be that they are trying to pressure Bodog into a rollback to the old software, and kill the idea among other poker sites that anonymous tables is a bad move. Their motive for this would be obvious, their old tools are no longer at risk of becoming obsolete, and this preserves the value of work they have already undertaken, and are profiting from.
It does not matter whether it is an account number or some other fixed numerical identifier that Bodog sends to the client, but hides from the "recreational user". ANY numerical value that is "hard wired" to a particular player can be used for datamining and player tracking, this value needs to stay on the server, and if the client needs something, it should be a disposable ID, a bit like the "one time only" credit card numbers generated by desktop virtual payment cards like Net+. This would ONLY be tied to a particular player for that one game at the one table, but could NOT be used to track and profile their playing style over a period of time at a number of different tables. I thought this was what Bodog had done to start with, and why a new statistical approach would be needed in order to develop a new set of tools for the pro player.