Published: August 28, 2020 in our Security Fraud News & Alerts Newsletter
An investigation by vpnMentor into the Clubillion database exposed an enormous amount of data entries by players. Even though the hack was made public in March, new entries continued daily. The research found that a minimum of 200 million records per day were exposed. Those millions of player records added up to over 50GB of data up for grabs in a single day. Researchers also don’t rule out that the current pandemic has led to an increase in players who may be stuck at home and looking for a distraction.
Clubillion was notified about the leak on March 20th of this year. Both Google Play and the App Store were notified on March 23rd, and the AWS (Amazon Web Services) host of the Clubillion app, was contacted on March 31st. Action was taken on April 5th, but for those who found their PII was already compromised, it was too little, too late. Three countries with the most daily Clubillion players are the U.S. leading at 10,000+, Canada at 7,792+, and Australia in third with 6,251+ players.
Not only can PII like credit card numbers and winnings data be stolen, but a player’s contacts are also up for grabs. In the wrong hands, these contacts can lead to socially engineered attacks on friends and family. These email phishing targets can be tricked into providing additional PII for current and future attacks, have their contacts stolen and have malware, spyware, and ransomware installed on their devices.
There are ways to help level the risk of playing on gambling apps. First, any and all Clubillion players need to change their passwords, pronto, even if you don’t think you were a victim in this case. Although Google Play and the App Store scan for malware apps and remove them, compromised apps like Clubillion sometimes escape the radar unless the app stores are directly notified about an issue. It’s also important to read app reviews before installing them, as problems other players encounter are often exposed. Sideloading (downloading apps from third-party vendors) is very risky as these sites are notorious for not thoroughly checking apps for malware. And since email addresses can easily be stolen, approach every email with a healthy dose of suspicion. In particular, approach emails with attachments and links with an overabundance of caution, even if it appears to be from someone you know.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at advisor@nadicent.com