Skip navigation

Betfair 'hid data protection breach'

04 October 2011

Online gambling company Betfair has been accused of hiding a data protection breach from its customers.

According to reports, the firm's systems were hacked and 3.15 million customer details placed at risk.

The Daily Telegraph stated that the incident was reported to members of staff in an internal report that internet criminals had stolen account details, including encrypted security questions and details of some bank accounts and credit cards.

However, there was deemed to be "no threat to customers" and so subscribers to the service were not informed of the security breach.

The theft took place between March and April last year, affecting those accounts in existence on February 1st 2010.

In a statement, Betfair said: "Eighteen months ago we were subject to an attempted data theft. Because of our security measures the data was unusable for fraudulent activity and we were able to recover the data intact."

Betfair notified security agencies in the UK, Germany and Australia after it became aware of the problem two months after the incident occurred, when a crashed server highlighted the attack.

The company has stated it has improved its security systems since the breach, but Sean Catlett, Director of Security for the site, has left the company after the hacking incident, although the firm has insisted he did so to return to the US for a new role.

In August, retailers and firms that operate on the internet were urged by the Information Commissioner's Office (ICO) to ensure their security systems are adequate to protect customers' details.

The warning followed a data protection breach involving cosmetics firm Lush, which saw its systems hacked over four months, resulting in the loss of payment details relating to shoppers using its website.

According to the ICO, Lush signed an undertaking following the hacking incident to adhere to the Payment Card Industry Data Security Standard and improve recording of suspicious activity on its systems.

Want to comment? Join us on our LinkedIn discussion group.

You'll find free BCM resources and links to publications in Useful Business Continuity Management resources. There are links to Business Continuity training courses and advice on getting certified to BS 25999, the internationally recognised standard for Business Continuity Management.

Email Newsletter

Subscribe to our newsletter Subscribe to our newsletter to receive the latest Business Continuity Management news and information.

Training courses

View our BCM training courses View our Business Continuity training courses offered worldwide. These cover every aspect of BS 25999, the world's first British standard for BCM.
Feedback Form