Super Casino Security Breach

JGslots

Ueber Meister
webmeister
PABinit
Joined
Feb 12, 2013
Location
Wales
Has anyone else received this email from Super Casino?


We regret to inform you that SuperCasino has suffered a security incident and some of your personal data has been revealed to an unauthorized person. We took various mitigating measures and the unauthorised person is no longer able to access your data. Rest assured that our investigations show that your credit card, payment information, password and copies of any documents sent to SuperCasino have not been accessed and remain secure . After conducting detailed investigations into the incident, we can confirm that the unauthorised person has been able to access your username and name, email address, telephone number, residential address, date of registration and some internal activity classifications that are not of relevance to the unauthorized person.

It is our duty to report this data breach to you and inform you what data has been compromised. We also advise to take the following steps to minimise potential damage.
  • We advise you to reset your password on our website and other websites you frequently visit, especially if those passwords were made up of a combination of any of the personal data described above. In this way, you will be able to avoid risks coming from password attacks (such as when an attacker could manage to decipher your passwords based on the information they have, and use it to log into your accounts on other websites).
  • When resetting your password, we advise and emphasise that it is always more secure to not use personal identifiers as part of your password. Particularly, please avoid using any passwords that relate to the data that has been accessed as part of this incident, namely you telephone number or residential address.
  • Please pay attention to any emails you may receive asking you to change your password or username, or to provide your password or username, or emails requesting you to change any payment methods or transfer money to a new bank account. All these emails, or any other communications which request you to provide further personal information or question your personal information must be treated as suspicious, since this can be an attempt to get more of your data via a phishing attack. A phishing attack, is when an unknown person sends emails to you that appear from other legitimate sources (for example, your bank) so you can reveal more data to them. Please do not engage in any communication with a person who you do not know at this time and feel free to get in touch with us if in doubt.
Note that our lead supervisory authority for data privacy, the Malta Information and Data Protection Commission (the IDPC) and the Malta Police have been notified of this incident and we are working with them both closely. For any questions about the incident, you can reach Us (your Data Controller, BML Group Limited) via our DPO, Adriana Minovic and data privacy team, on contacts provided at
You do not have permission to view link Log in or register now.
. However please note that in order to provide you with a fast response, you can reach Us on the email channel dedicated to this incident [email protected].
 

dunover

Unofficial T&C's Editor
Staff member
webmeister
PABnonaccred
PABnononaccred
CAG
mm3
Joined
May 22, 2012
Location
the bus shelter, opposite GCHQ Benhall
Yet these fools want us to send DNA, photos of documents, statements, address etc. We take their word that those haven't been accessed, whilst everything else has?

Members of these casinos, I feel spam will be the main purpose of the hack.
 

Jasminebed

Game old gal
Joined
Mar 13, 2008
Location
Ontario
A few years ago, Ontario Student Loans had a data breach, that included my daughter's info. They covered two years of enhanced security coverage and alerts, probably not adequate, as they may try for years.
 

DreamRJ

Out of this world!
MM
Joined
Jun 6, 2013
Location
RJVille UK
Yep, I concur, I had the same emails from all those casinos too. Worrying to be honest. But hey, this is the risk we take when we hand over all our personal details when we register to these casinos or any website for that matter.

Data Breaches can and do happen. Sometimes they happen even without the staff finding out they have even been breached. So we still never know if or when our data has been viewed by hackers or people who used to work for the companies and they went rogue etc etc.

We can not really do anything, we can not exactly all change our names or address overnight. Strange how it says to change passwords though when they said passwords was not breached.

Unless they say it for the email accounts, to change the passwords for those accounts and not the actual casino accounts.

I use different passwords for all sites and accounts anyway, no password is identical. So I am fine. I also use 12+ characters in my passwords, With also special characters as well.
 

colinsunderland

Experienced Member
webmeister
MM
Joined
Jan 28, 2016
Location
uk
Live chat told me casinoeuro wasn't breached as they aren't stored on the same third party servers that were breached.
I don't see anything in the privacy policy that allows data to be transferred to a third party for this, and certainly don't see it listed anywhere either as places data may be transferred to.

Maybe @Betsson-Group can tell us who the third party is who had control of our data?
 

ESCJAMIE

He/Him. High Voltage Only
MM
Joined
Aug 17, 2018
Location
UK South west
Just had the same email from vernons
We regret to inform you that Vernons has suffered a security incident and some of your personal data has been revealed to an unauthorized person. We took various mitigating measures and the unauthorised person is no longer able to access your data. Rest assured that our investigations show that your credit card, payment information, password and copies of any documents sent to Vernons have not been accessed and remain secure. After conducting detailed investigations into the incident, we can confirm that the unauthorised person has been able to access your username and name, email address, telephone number, residential address, date of registration and some internal activity classifications that are not of relevance to the unauthorized person.

It is our duty to report this data breach to you and inform you what data has been compromised. We also advise to take the following steps to minimise potential damage
 
Top