milemaster
Dormant account
- Joined
- Aug 24, 2005
- Location
- Yarnbombing, Phlugerstan
Hello all,
I don't want to be overly dramatic here, but my experience with the casino group that runs Cherry Jackpot and Casino Max is super alarming. In my two decades of gambling online I have never seen anything as scary as what I've experienced yesterday and today.
Long story short, I sent my verification documents into their support alias support@cherryjackpot.com and received an autoreply it was received. My documents consisted of a single PDF that had my drivers license, utility bill. and front and back of the credit cards I used.
A few minutes later I received a reply from their support indicating they will present my documents to the banking group, and included with that email was a direct url <snipped URL>..... (sensitive url hidden) that linked directly to my PDF file.
THERE IS NO AUTHENTICATION IN FRONT OF IT. Anyone can use that link and view all of my personal data I sent over and it's just on the internet. I tried it on 2 different computers with 3 different browsers, including my mobile phone and my documents downloaded and appeared.
I contacted support and was told not to worry as there is only risk if someone finds out the URL goes to it. The odds of someone "figuring it out is unlikely"
This is unbelievably wreckless to not put a password in front of it. My suggestion would be if you played at their casinos to check the confirmation emails you received when you sent your personal information and look for a link at the base of the email that begins with downloads.intercomcdn.com and click on it to see if your information comes up too.
Again, this can be accessed outside of their casino, your email box.. anyone with a browser on a device on the internet can view it. I know this casino is accredited, but to not put at least a password in front of it is pure idiocy.
I don't want to be overly dramatic here, but my experience with the casino group that runs Cherry Jackpot and Casino Max is super alarming. In my two decades of gambling online I have never seen anything as scary as what I've experienced yesterday and today.
Long story short, I sent my verification documents into their support alias support@cherryjackpot.com and received an autoreply it was received. My documents consisted of a single PDF that had my drivers license, utility bill. and front and back of the credit cards I used.
A few minutes later I received a reply from their support indicating they will present my documents to the banking group, and included with that email was a direct url <snipped URL>..... (sensitive url hidden) that linked directly to my PDF file.
THERE IS NO AUTHENTICATION IN FRONT OF IT. Anyone can use that link and view all of my personal data I sent over and it's just on the internet. I tried it on 2 different computers with 3 different browsers, including my mobile phone and my documents downloaded and appeared.
I contacted support and was told not to worry as there is only risk if someone finds out the URL goes to it. The odds of someone "figuring it out is unlikely"
This is unbelievably wreckless to not put a password in front of it. My suggestion would be if you played at their casinos to check the confirmation emails you received when you sent your personal information and look for a link at the base of the email that begins with downloads.intercomcdn.com and click on it to see if your information comes up too.
Again, this can be accessed outside of their casino, your email box.. anyone with a browser on a device on the internet can view it. I know this casino is accredited, but to not put at least a password in front of it is pure idiocy.
Last edited by a moderator: