Customers continue to receive letters from TwinSpires.com informing them of a security breach that allowed access to basic personal information.
The breach occurred Aug. 3, according to the letter sent to customers. The Louisville Courier-Journal first reported the incident in early September.
"Immediately upon learning of this intrusion, a third-party forensic investigation was initiated to contain and assess the situation," TwinSpires.com said in the letter.
The accessed information "was limited to" customers' names, Social Security numbers, dates of birth, and e-mail addresses. The Churchill Downs Inc.-owned advance deposit wagering system said it has "remediated the issue" and strengthened its security protocol.
CDI spokeswoman Courtney Yopp Norris said Sept. 12 there are no updates on the situation. It couldn't be confirmed how many customers received letters, one of which was dated Aug. 31 and received the week of Sept. 9.
There have been reports at least 20% of TwinSpires.com customers were impacted by the breach.