A POPULAR betting site has issued a warning to its millions of users over a data breach.
Sportsbook and betting platform FanDuel has cautioned users that their names and email addresses were exposed through the MailChimp security hole earlier this month.
MailChimp targets startups which are looking to grow[/caption]
The American betting company stressed that their own system was water tight but that customers should “remain vigilant” against phishing attacks.
MailChimp, a popular email marketing platform, admitted it had suffered a breach two weeks ago.
The event saw hackers steal an employee’s credentials to access the audience data for 133 customers.
The company targets startups, small companies which are looking to grow.
But MailChimp also works with some of the biggest media platforms in the world, including Vimeo, TED and FanDuel.
Audience data typically includes email addresses and customer names.
FanDuel, which had over 6million active users in 2021, has emailed customers telling them their personal data is now in the hands of bad actors due to the MailChimp breach.
“Recently, we were informed by a third-party technology vendor that sends transactional emails on behalf of its clients like FanDuel that they had experienced a security breach within their system that impacted several of their clients,” read FanDuel’s email, seen by BleepingComputer.
“On Sunday evening, the vendor confirmed that FanDuel customer names and email addresses were acquired by an unauthorised actor.
“No customer passwords, financial account information, or other personal information was acquired in this incident.”
FanDuel is owned by the same company which owns the UK’s biggest betting brands, such as Paddy Power, Betfair and Sportsbet.
There has been no evidence that the breach has impacted its UK siblings.
There has also not been any sign of MailChimp’s stolen data being uses for malicious purposes.
But email addresses are quite valuable for underground scamming gangs to conduct phishing attacks.
Phishing attacks are when bad actors try to get unsuspecting tech users to discloses personal information or click bad links via email.
Hackers may also use the breach as an opportunity to impersonate FanDuel with claims there is an ‘issue’ with users’ accounts to try and tease more personal information out of customers.
Experts have advised tech users to use a password manager or create a unique password for each site they create an account on to ensure a breach at one location doesn’t impact another.
Users should also block any suspicious emails they receive.
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
- How to delete your Instagram account
- What does pending mean on Snapchat?
- How to check if you’ve been blocked on WhatsApp
- How to drop a pin on Google Maps
- How can I change my Facebook password?
- How to go live on TikTok
- How to clear the cache on an iPhone
- What is NFT art?
- What is OnlyFans?
- What does Meta mean?
Get all the latest WhatsApp, Instagram, Facebook and other tech gadget stories here.
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at firstname.lastname@example.org