DraftKings confirms credential stuffing hack 

DraftKings, a sports betting company, has announced that it would make it up to all customers affected by a credential stuffing attack, which resulted in losses of up to $300,000. The hack happened after the common denominator for all accounts that were hijacked.

The hack occurred late Sunday night, the busiest day of the week for sportsbooks, and just hours before the first United States World Cup soccer match, which is expected to generate significant gambling interest. Then, early Monday morning, DraftKings issued a statement saying that it was looking into reports of customers having problems with their accounts.

DraftKings believes its customers’ login information was compromised on other websites and then used to access their DraftKings accounts using the same login information.

“We have seen no evidence that DraftKings’ systems were breached to obtain this information. We have identified less than $300,000 of customer funds that were affected, and we intend to make whole any customer that was impacted,” it said.

The company then advised customers not to use the same password for more than one online service and not to share their credentials with third-party platforms, such as betting trackers and betting apps other than DraftKings.

The sources for this piece include an article in BleepingComputer.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web