Strong rumours online, although I've not had anything official from Betfair yet.
Data breach affecting some customer's details including username, email address, name and address. No payment or password details at risk apparently.
Anyone had an email?
Betfair data breach
I've seen these rumours as well, but no email to me and I've not seen anybody else with one.
Betfair often ask people to change email or passwords due to them being compromised. So maybe somebody has got one of those and assumed it's something bigger.
I'll let anybody know if I hear anything official.
Betfair often ask people to change email or passwords due to them being compromised. So maybe somebody has got one of those and assumed it's something bigger.
I'll let anybody know if I hear anything official.
-
jamesedwards
- Posts: 4018
- Joined: Wed Nov 21, 2018 6:16 pm
I got one:
We are writing to inform you of a data incident on our Betfair platform. The nature of this incident means that regrettably some of your personal information has been impacted. Importantly, this does not include passwords, ID documents or any usable card or payment details. However, we want to be transparent with you and are therefore making you aware of the incident and the measures we have taken. You do not need to do anything, however we recommend you remain vigilant. We have provided a link below to general tips about online safety for your information.
What happened?
We recently detected that an unauthorised third party had gained access to limited betting account information related to some of our customers.
Immediately upon becoming aware of this incident, we initiated a full investigation, supported by leading IT security experts, to terminate the unauthorised access, fully contain the threat and protect our networks and our customers. We have informed the relevant regulators and authorities and will continue to engage with them as required.
Once the unauthorised access was removed and the incident fully contained, we immediately launched a full evaluation of the affected information, with our teams working to understand what customer information may have been involved.
Based on our evaluation of the information involved, we concluded that the personal information affected is limited to basic betting account details, such as your username and email address, and some contact information, including your name and the first line of your address and city. It also includes details of some recent activity on your account and technical data like your device ID and IP address. Importantly, this does not include passwords, ID documents or any usable card or payment details.
What you can do:
There is nothing you need to do in response to this incident, however we recommend you remain vigilant. You can find out more information about online safety here: https://www.ncsc.gov.uk/section/advice- ... our-family.
Should you have any questions, please do not hesitate to contact your account manager, who would be happy to arrange to speak at your convenience. We are grateful for your continued custom and happy to discuss how we can support you further with any next steps, should you find that useful.
We sincerely apologise for the inconvenience this incident may have caused. Safeguarding and securing your personal information is of the utmost importance to us. Thank you for your understanding.
Sincerely,
Ashley Hart
Managing Director, Customer Operations
We are writing to inform you of a data incident on our Betfair platform. The nature of this incident means that regrettably some of your personal information has been impacted. Importantly, this does not include passwords, ID documents or any usable card or payment details. However, we want to be transparent with you and are therefore making you aware of the incident and the measures we have taken. You do not need to do anything, however we recommend you remain vigilant. We have provided a link below to general tips about online safety for your information.
What happened?
We recently detected that an unauthorised third party had gained access to limited betting account information related to some of our customers.
Immediately upon becoming aware of this incident, we initiated a full investigation, supported by leading IT security experts, to terminate the unauthorised access, fully contain the threat and protect our networks and our customers. We have informed the relevant regulators and authorities and will continue to engage with them as required.
Once the unauthorised access was removed and the incident fully contained, we immediately launched a full evaluation of the affected information, with our teams working to understand what customer information may have been involved.
Based on our evaluation of the information involved, we concluded that the personal information affected is limited to basic betting account details, such as your username and email address, and some contact information, including your name and the first line of your address and city. It also includes details of some recent activity on your account and technical data like your device ID and IP address. Importantly, this does not include passwords, ID documents or any usable card or payment details.
What you can do:
There is nothing you need to do in response to this incident, however we recommend you remain vigilant. You can find out more information about online safety here: https://www.ncsc.gov.uk/section/advice- ... our-family.
Should you have any questions, please do not hesitate to contact your account manager, who would be happy to arrange to speak at your convenience. We are grateful for your continued custom and happy to discuss how we can support you further with any next steps, should you find that useful.
We sincerely apologise for the inconvenience this incident may have caused. Safeguarding and securing your personal information is of the utmost importance to us. Thank you for your understanding.
Sincerely,
Ashley Hart
Managing Director, Customer Operations
-
ShaunWhite
- Posts: 10442
- Joined: Sat Sep 03, 2016 3:42 am
Bit of pre-emptive homework...
3. If money goes missing — are you protected?
Yes — if:
Your Betfair account was accessed due to this data breach, and
You did not act negligently (e.g. didn’t give your password to someone, didn’t fall for a phishing email, etc.)
In the UK, Betfair (as part of Flutter) is regulated by the UK Gambling Commission and must follow consumer protection laws. If your account is accessed due to their failure to protect your data, you can seek reimbursement under:
The UK Gambling Commission's Licence Conditions and Codes of Practice (LCCP), especially under fair and open treatment of customers and customer funds protection
UK consumer law (under GDPR, if they’re at fault)
If Betfair refuses to reimburse, you can escalate via:
IBAS (Independent Betting Adjudication Service)
ICO (if a GDPR breach is involved)
Legal action or ombudsman (in rare cases)
3. If money goes missing — are you protected?
Yes — if:Your Betfair account was accessed due to this data breach, and
You did not act negligently (e.g. didn’t give your password to someone, didn’t fall for a phishing email, etc.)
In the UK, Betfair (as part of Flutter) is regulated by the UK Gambling Commission and must follow consumer protection laws. If your account is accessed due to their failure to protect your data, you can seek reimbursement under:
The UK Gambling Commission's Licence Conditions and Codes of Practice (LCCP), especially under fair and open treatment of customers and customer funds protection
UK consumer law (under GDPR, if they’re at fault)
If Betfair refuses to reimburse, you can escalate via:
IBAS (Independent Betting Adjudication Service)
ICO (if a GDPR breach is involved)
Legal action or ombudsman (in rare cases)
You do not have the required permissions to view the files attached to this post.
My account got hacked at the end of March this year. I put it down to joining a betting Discord (circa January) using the same username as my BF account username, so probably not related to this data breach.
BF support were great and it was sorted in less than hour (as they had already detected the hack) and my balance was as expected.
I've always used a pw manager with a VERY strong password. However, since then had 2FA enabled as well, so feel more at ease about the whole thing.
Stay safe peeps!
BF support were great and it was sorted in less than hour (as they had already detected the hack) and my balance was as expected.
I've always used a pw manager with a VERY strong password. However, since then had 2FA enabled as well, so feel more at ease about the whole thing.
Stay safe peeps!
