PokerStars, the world’s largest online poker site, said that it’s fallen victim to the MOVEit Transfer attacks, with attackers accessing sensitive user data.
The US-registered company behind PokerStars in the region, TSG Interactive US Services Limited, started notifying customers whose data may have been exposed in the recent MOVEit Transfer attacks claimed by the Cl0p ransomware cartel.
The MOVEit zero-day vulnerability allowed the gang to access and extract certain information from the MOVEit Transfer servers, which victims used to store and share data. PokerStars also held some of its data there.
“Following the incident, we no longer utilize the MOVEit Transfer application,” PokerStars said.
The company’s letter says it learned about the vulnerability on June 2nd. The following investigation, assisted by external experts, concluded that “some files associated with PokerStars may have been copied by an unauthorized third party from May 30th to May 31st.”
According to the information that PokerStars provided to the Maine Attorney General, the breach exposed 110,291 individuals. Exposed files contained personal user details, including names, addresses, and Social Security numbers.
Experts warn that cybercrooks can use personal information to commit fraud ranging from identity theft and phishing attacks to opening new credit accounts, making unauthorized purchases, or obtaining loans under false pretenses.
PokerStars said there’s no indication that the data was misused so far, however, the company will offer victims third-party identity protection services free of charge for 24 months.
The PokerStars brand is controlled by a Canadian online gambling company, The Stars Group, which is owned by a British sports betting firm, Flutter Entertainment.
Unrelenting Cl0p and MOVEit hacks
So far, nearly 400 organizations have been confirmed to be impacted by Cl0p’s MOVEit Transfer attacks, with over 20 million people having their data exposed.
Cl0p is a Russia-linked ransom group claiming responsibility for exploiting a SQL database injection flaw in the MOVEit Transfer file system, which has impacted thousands of companies worldwide.
Exclusive information, vetted by Cybernews, indicates that at least some of Cl0p’s affiliates might be residing in Kramatorsk, a Ukrainian city in the country’s embattled east. US officials are offering a $10 million bounty on the Cl0p gang.
More from Cybernews:
Subscribe to our newsletter