Great Britain-based Betfair, the largest operator of exchange wagering in the world, admitted it did not inform its customers that details of millions of credit cards were stolen in a major cyber attack 18 months ago, the UK Press Association reported Sept. 29.
More than 3.1 million account names with encrypted security questions, 2.9 million usernames, and about 90,000 account usernames with bank account details were stolen in an attack in March 2010, UKPA reported.
Betfair, which owns the U.S.-based TVG racing network, told officials it didn’t inform its registered customers of the attack because its security measures made the data unusable for fraudulent activity. The company also said it was able to recover the data intact.
A report commissioned into the theft, seen by the Daily Telegraph, was published Sept. 27, 2010, six days after Betfair announced its intention to sell on the London Stock Exchange.
A Betfair spokesman told the UKPA it decided not to disclose the attack because there was no impact on customers. The company did, however, report the incident the Serious Organized Crime Agency in Great Britain.
Betfair has repeatedly touted its security system and has pushed for exchange wagering in the United States.
“We have subsequently implemented all of the recommendations from the independent reports we commissioned and have done everything we can to minimize the risk of this happening again,” the spokesman told the UKPA.