Topic: PSA: Betcoin.ag/PlayBetr.com/Coinbet.ag Data Breach - page 2. (Read 741 times)

I think this very well could be a lie.

Blaming a former employee looks much less bad on Betcoin than a third party gaining access.  Also, Betcoin has a history of telling blatant lies both big and small.  (Including lying about having a "new start, new owners etc", multiple times, in order to blame past scandals on someone else)

This isn't the first time something like this has happened.



Ummm no.

!!!  Agree  100%

Where is the proof, ex-programmer? Lol!!! Maybe devOps drupal or laravel , mayby inj databases mysql? I suggest to make a thread at gambling = 2 weeks hack now or not betcoin.ag again? How dice)))
My thread  i'm update 4-5 days. thnks.

A u sure? Not March or end April =) ?

The more important concern here is that why is the backend provider handling user data in the first place? Most sportsbooks/casinos keep user data themselves and send data as needed between the providers, rather than the sole provider having all of the information?

You can't really fault Betcoin for a problem caused by their provider. That would be like blaming Discord if Google got hacked and all info was stolen off of Google Cloud.

Thanks for the update Darkstar. I recently checked out Betcoin.ag and played for a bit over there after the change in their owners and the updates they have been making with time, but I did not expect something like this.

Luckily, I don't have any balance currently though the way they are dealing with this situation proves their reliability over time. At this rate, I feel their trust feedback could go back to neutral soon. They need to employ stricter measures while selecting their employees.

Great to hear, thanks.

We will be notifying Betcoin users shortly. The research on this just concluded, and we can confirm that he had no access after March.

I would recommend sending an email alert out to your customers who were affected by the data breach to notify them. Can you confirm that the rogue employee had no access after February of 2019?

Thank you, DarkStar_, for bringing this situation to our attention.

After an in-depth investigation into this matter, it was determined that a former programmer of the software provider, who had legitimate access, was able to gain additional access and download the database of Betcoin and several other licensees of the software.  After this relationship was terminated, he no longer had any access to the database and at no time did he have access to any company or user funds. This is a very serious situation and we immediately devoted all resources to it once we were informed of it.

We are bombarded by threats, DDOS and extortion attempts on a daily basis and each one improves our security. We are extremely regretful that this incident took place, but at no time was anyone’s passwords or funds in jeopardy. We do recommend that all players use a high-level password for both their email and Betcoin accounts and that you activate 2fa for additional security. If anyone needs assistance with an email or password change or setting up 2fa, please contact us any time.

We wish to thank all of our players who have been so loyal to us since we first started in 2013. In this new age of technology, you often hear about some of the largest companies in the world having been breached and unfortunately, this is how new security methods are created. But we are happy to say that, throughout these 6 years, we have never had a player balance or password compromised. We will continue to improve and refine our security methods and we look forward to the next 6 years and beyond of serving our great players. If you have any questions or concerns, please let us know via DM, support ticket or email.

This is part of the reason we believe Bitcoin gambling (without KYC) will take over the online gambling industry.

Bank data is susceptible to this, why wouldnt an online gambling site lose customers information one way or another   

Interesting thread OP linked, that the hacker started and the operator joins in the conversation, worthy of popcorn for the time being. 

https://bitcointalk.org/index.php?topic=5164989.20

IF player funds were at risk, most of us would expect the guy to have moved other players funds with all this data. Obviously change account info on the site as DarkStar_ posted earlier.

Passwords were fortunately secured properly so mass bruteforce attacks are not possible. If a hacker wanted to try to steal account balances, they would have to individually bruteforce passwords which is not a practical attack vector. In the event that they did bruteforce a password, the account might be empty in the first place (balance info from Feb 2019 was stolen but nothing more current), withdraws have to be verified via email and the site may hold the withdraw until they verify that it is the original player.

That is bad news to the people who have an account in the said sites. Why is it that the balance is not at risk?. I don't think that everyone have their 2FA enabled and if the rouge employee did able to get the important information that is in the op's list then I think their balance is at great risk if those people did not take action on changing their security.

It appears that the back end provider behind Betcoin.ag/PlayBetr.com/Coinbet.ag has suffered a data breach caused by a rouge employee. This breach happened in February of 2019, and the affected sites are currently investigating. It is currently believed that there were no cases of unauthorized access after February. Neither sites have delivered an official statement yet, but this thread will be updated once they do.

Disclaimer: This post contains information that I believe is true based on publicly posted information as well as private messages with Betcoin and cheatedplayer. I strive to ensure the accuracy, however I cannot guarantee the accuracy of this information.

---

What was breached?
It appears that the entire database of the provider was stolen. This includes:

• Usernames
• Emails
• Encrypted Passwords
• 2FA Info
• Account Balances
• Transactions
• Support Tickets

Account balances are NOT at risk, barring any high difficulty bruteforce attacks against specific accounts without 2FA setup combined with email password reuse.

---

What actions should be taken?
It is claimed that the database is not for sale, however I would not be surprised if it becomes available in the future.

> Change Your Password
From my understanding, passwords were properly stored as salted hashes. This prevents rainbow table attacks and requires that passwords be bruteforced individually. However, I would still recommend you change your passwords on the affected websites, as well as any sites you've reused the password on. This is especially important if you are using a weak password. It's unlikely that anything will come out of the encrypted passwords, but it doesn't hurt just in case.

> Be Wary of Phishing
Anyone with access to the database now has a highly targeted email list of those who bet with crypto. There may be a rise in phishing attacks specifically targeting players on Bitcoin gambling sites.

---

Official Statement:

---

Self moderated to prevent signature spam. Local Rule: This thread is to discuss the data breach and not for scam accusations against either of the sites.