© 2023 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Fantasy Football Hub suffered a data breach: we are deeply sorry for everything

Fantasy Football Hub, a start-up specializing in Premier League fantasy football, admitted it had suffered a data breach.

They believe the hacker had gained access to their WordPress administrator dashboard and downloaded the Hub's usernames, emails, site financial reports, and affiliate payment records.

“On Saturday evening, our website suffered a cyber attack. We're working with Action Fraud, the police, the ICO, our hosting company, and security firms on the issue. We want to be completely transparent with our users and members about what has happened and what we are doing about it. Until the forensic examination is complete, users must assume any non-payment information they provided as part of the sign-up process has been compromised,” the company said in a blog post.

The company assured its customers that no bank details have been compromised as these are handled by payment gateways, PayPal and Stripe.

Even though WordPress, which the site is built on, stores hashed user passwords, some have been brute-force attacked and compromised.

Fantasy Football Hub apologizes for the breach, saying they are “deeply sorry for everything that has happened and understand the pain and anger felt by many.”

To mitigate the breach, the company has reset all the user passwords and implemented a password complexity policy for all site users, limiting similar attacks.

Fantasy Football Hub has also run malware scans and booked in periodic external security and penetration testing. It also claims to have significantly upgraded the website's password hashing policy, activated two-factor authentication for site admins, and will be rolling this feature out to all users.

The company did not disclose how many users have been affected.

More from CyberNews:

We've seen just the tip of the Mēris botnet iceberg

Why Facebook went down, and what's BGP routing

Use our personal data leak checker

Sophos principal research scientist: some criminals might not know how dumb they are

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked