Paddy Power Suffers Massive Data Breach: More Than 649,000 Customers Compromised

More than 649,000 customers of the UK’s third largest bookmaker, Paddy Power, have had their personal information stolen, it was revealed on Thursday.  Of those, approximately 120,000 are based in Ireland.

No customers who signed up after 2010 are impacted by the breach.

CEO Patrick Kennedy only confirmed the breach at that time.

The company said that neither financial information - such as credit or debit card details - nor account passwords were accessed in the incident.

Information that was breached includes customers' names, usernames, addresses, email addresses, phone numbers and dates of birth, as well as security questions and answers.

Paddy Power officials learned that some confidential customer information had been stolen from a yet-to-be-identified individual based out of Canada and that the full extent of the breach was only known after it had taken legal action.

Paddy Power said it had had engaged with the Office of the Data Protection Commissioner on the matter and is notifying affected customers.

Security experts advise changing security questions and answers in all personal accounts following a breach of this nature. 

The accounts themselves were not adversely impacted from a monetary standpoint.

Paddy Power noted: "The accessed information alone would not have been sufficient to grant access to a Paddy Power customer account and this incident has no impact on customers who opened accounts after 2010."

- Aaron Goldstein, Gambling911.com