How Hackers Breached Two Gambling Payment Providers To Harvest 'Millions' Of Records

5th November 2015  By Thomas Fox-Brewster
 
                                                    http://blogs-images.forbes.com/thomasbrewster/files/2015/11/x-1200x800.jpg
 
In 2009 and 2010 two separate attacks hit widely-used online gambling payments processors Moneybookers and Neteller. Though they initially appeared innocuous, it now seems both attacks saw millions of users’ private data – addresses, emails, telephone numbers, birth dates and, in the case of Neteller, answers to password hints – fall into criminal hands. The details are only now being made public by Optimal Payments, the London-based owner of both Moneybookers (now Skrill) and Neteller, after disclosure from FORBES. The company is now reinvestigating the hacks and the possibility of further breaches.
 
Earlier this month, your reporter was handed information by an anonymous source on two databases they said were leaked sometime around 2011 and 2012. They appeared to belong to Moneybookers and Neteller. Both databases were also passed in full to Troy Hunt, a security expert who runs the haveibeenpwned.com site that makes it easy for anyone to check if they’ve been embroiled in a major breach. The source claimed they had known about the databases for three years, but now wanted victims to be made aware of what occurred.
 
Full Article