Ontario gamblers affected by recent BetMGM data breach
Online sports betting continues to gain popularity. However, gamblers in Ontario are being notified they may be the victims of a recent data breach.
Leading sports betting company BetMGM announced on Dec. 21 the personal information of its customers was obtained in an unauthorized manner.
- Download our app to get local alerts on your device
- Get the latest local updates right to your inbox
The breach affected the data of some patrons, including their names, contact information (such as postal address, email address and telephone number), dates of birth, hashed Social Security numbers, account identifiers (such as player ID and screen name) and information related to transactions with BetMGM.
Ritesh Kotak is a cybersecurity analyst and said, “Once you become the victim of any type of breach, putting the toothpaste back in the tube becomes almost impossible.”
“Any type of date breach is significant because your personal identifiable information is essentially out there in cyberspace for hackers to leverage. Think about how that information can be weaponized against members of the population you have, identity theft and theft of potential credentials,” Kotak told CTV News Toronto in an interview.
The company believes the hack happened in May 2022, less than two months after it expanded operations into Ontario. However, it wasn’t until Nov. 28 the company became aware of the matter. BetMGM said it has no evidence that patron passwords or account funds were accessed in connection with the breach.
While the betting firm has yet to disclose the number of customers that had their information stolen in the breach, an apparent hacker posted on the dark web they are selling the stolen data of more than 1.5 million alleged customers from several U.S. states including, New Jersey, Michigan, West Virginia, and Ontario in Canada.
iGaming Ontario oversees online gaming in the province and tells CTV News Toronto BetMGM recently discovered they have experienced a “privacy incident, including unauthorized access to records of Ontario players.”
“While this incident is serious and is being treated as such, the overall integrity of the Ontario regulated iGaming market is extremely reliable. Operators are required to have strict protocols in place to ensure the protection of people’s personal data,” the government agency said in an emailed statement.
CTV News Toronto reached out to the Office of the Information and Privacy Commissioner of Ontario asking if BetMGM is required to notify them of a breach but was told it does not have oversight over BetMGM.
The Office of the Privacy Commissioner of Canada, however, tells CTV News Toronto it did receive a breach report from MGM, which it is now reviewing in order to determine next steps. A spokesperson for the office adds, “Unfortunately, we are not in a position to provide additional details at this time”.
CTV News Toronto also reached out to the Alcohol and Gaming Commission of Ontario asking if it is conducting its own investigation or doing a review of BetMGM practices, and received this response: “The Alcohol and Gaming Commission of Ontario (AGCO) is monitoring the BetMGM incident of unauthorized access to Ontario player data. This is a serious concern and we are reviewing BetMGM systems, policies and practices given their regulatory responsibility to protect player information.”
Kotak says, “Anytime a company expands, it’s important to understand that cybersecurity and privacy, especially customer privacy, must be front and centre, it cannot be an afterthought”.
This is not the first gaming cyberattack in Ontario. In 2016, Casino Rama was the victim of a breach where people had their information stolen and a hacker published 14,000 personal files, including employee information and confidential emails.
For online gamblers, Kotak suggests creating a new email address and password, enabling multi-factor authentication, and using prepaid credit cards because, “You’re not actually putting in your actual credit card information so if there’s a breach, it’s limited to the amount of money you put in”.
BetMGM says it is working with law enforcement and taking steps to enhance its security. In an email to patrons, it also advises users to remain vigilant by reviewing their account statement and monitoring their free credit reports. The company says Canadian patrons can order credit reports from TransUnion Canada and Equifax.
CTVNews.ca Top Stories
Canada Post strike: Union 'extremely disappointed' in latest offer, negotiator says
A negotiator for the Canadian Union of Postal Workers (CUPW) says the latest offer from Canada Post to end the ongoing strike shows the carrier is moving in the "opposite direction."
Trump is welcomed by Macron to Paris with presidential pomp and joined by Zelenskyy for their talks
French President Emmanuel Macron welcomed Donald Trump to Paris with a full dose of presidential pomp for the reopening of the Notre Dame Cathedral.
Digging themselves out: With Santa Claus parade cancelled, Londoners make best of snowy situation
Londoners continue to dig themselves out from this week’s massive snowstorm.
Canada's air force took video of object shot down over Yukon, updated image released
The Canadian military has released more details and an updated image of the unidentified object shot down over Canada's Yukon territory in February 2023.
U.S. announces nearly US$1 billion more in longer-term weapons support for Ukraine
The United States will provide nearly US$1 billion more in longer-term weapons support to Ukraine, Defense Secretary Lloyd Austin said Saturday.
New plan made to refloat cargo ship stuck in St. Lawrence River for two weeks
Officials say they have come up with a new plan to refloat a large cargo ship that ran aground in the St. Lawrence River two weeks ago after previous efforts to move the vessel were unsuccessful.
Why finding the suspected CEO killer is harder than you might think
He killed a high-profile CEO on a sidewalk in America’s largest city, where thousands of surveillance cameras monitor millions of people every day.
Sask. doctor facing professional charges in circumcision case
A Saskatoon doctor has been accused of unprofessional conduct following a high-cost adult circumcision that included a request for the patient to text unsecured post-op pictures of his genitals.
An archbishop's knock formally restores Notre Dame to life as winds howl and heads of state look on
France's iconic Notre Dame Cathedral is formally reopening its doors on Saturday for the first time since a devastating fire nearly destroyed the 861-year-old landmark in 2019.