Online casino group leaks information on 108 million bets, including user details
An online casino group has leaked information on over 108 million bets, including details about customers' personal information, deposits, and withdrawals, ZDNet has learned. The data leaked from an ElasticSearch server that was left exposed online without a password.
ElasticSearch is a portable, high-grade search engine that companies install to improve their web apps' data indexing and search capabilities. Such servers are usually installed on internal networks and are not meant to be left exposed online, as they usually handle a company's most sensitive information.
Despite being one server, the ElasticSearch instance handled a huge swathe of information that was aggregated from multiple web domains, most likely from some sort of affiliate scheme, or a larger company operating multiple betting portals. Some of the domains that Paine spotted in the leaky server are from Mountberg Limited, including kahunacasino.com, azur-casino.com, easybet.com, and viproomcasino.net, just to name a few.
The user data that leaked from this common ElasticSearch server included a lot of sensitive information, such as real names, home addresses, phone numbers, email addresses, birth dates, site usernames, account balances, IP addresses, browser and OS details, last login information, and a list of played games. Furthermore, Paine also found roughly 108 million records containing information on current bets, wins, deposits, and withdrawals. Data on deposits and withdrawals also included payment card details.
All of these exposed databases were found by independent researchers using tools anyone, including cybercriminals, can access. That is the important point – the problem of exposed Elasticsearch data is out of the bag and people are now looking for it.