RBC reports that BI.ZONE experts discovered that a database of almost 10 million betting accounts and Pin-Up [.] Bet online casinos is being sold on the darknet. Most of the data in the dump turned out to be associated with Russia.
In total, more than 9.975 million people became victims of the leak, of which slightly more than 7.8 million accounts were registered in Russia, another 1.3 million – in the UK, 600,000 – in Turkey, the rest – in Brazil, USA, Germany and Azerbaijan …
The publication notes that Pin-Up [.] Bet is a legal bookmaker that allows you to bet on sports and play in online casinos. Since in Russia the activity of online casinos is prohibited, and the international version of the site is blocked by the decision of the Federal Tax Service (FTS), however, its mirrors are available to users. In addition, the Pin-Up [.] Ru website operates in Russia, which accepts only sports bets, without providing an opportunity to play in an online casino. Moreover, the owner of the domain name, William Hill LLC, is listed in the register of gambling organizations in bookmakers or sweepstakes of the Federal Tax Service.
The seller asked for $ 10,000 in cryptocurrency for the database. For this money, he promises to provide the buyer with data on users’ e-mail, date of birth, phone number, financial information, address, gender, favorite game in which the most bets were made, and other data. RBC correspondents were convinced that the samples provided by the seller really indicated personal data, including the city, address, phone number, and so on.
“The author of the ad declares that the base being sold is up-to-date at the end of 2020. To prevent possible consequences, we recommend that users change their passwords and set up two-factor authentication, if possible, ”said Evgeny Voloshin, director of the BI.ZONE expert services block.
The fact that there is such a base in the sale of RBC was confirmed by the head of the research group for public leaks at Group-IB Oleg Dyorov, as well as the founder of the DLBI data leak analysis service Ashot Hovhannisyan.
“Cases when data from betting platforms are leaked to the network are quite rare. I would say that this is a large drain. Most likely, the server was hacked. They could have merged through some vulnerability like SQLi, ”Hovhannisyan commented.
Catch up on more stories here
Follow us on Facebook here