Security incident on the 28th of September 2019
On 28th of September our team became aware of a security incident involving a third-party email service provider and Bitcasino.io. An unauthorised person was able to improperly access the email newsletter software and via predefined segments, which included email and user’s country,
When did the incident happen?
- On Saturday, September 28th, 18:24 GMT our Security Team noticed that a suspicious email was sent out to our users via predefined segments in our third party email software account.
- By 18:59 GMT we had confirmed that it was in fact a fraudulent email.
- By 19:30 GMT an onsite notification was displayed and a correction email followed shortly warning players of the fraudulent email.
- After that the third party email software account was locked and our internal teams continued their thorough investigation.
What type of user data was affected?
As a tool for sending out promotional emails our third party email software only had access to segmented groups of email addresses and language preference, no other personal player information such as KYC documents, passwords, password hashes or any other sensitive data was available. Bitcasino does not and will never store or share personal details with any third-party software providers.
How will this impact you?
Your account on Bitcasino.io is not at risk from this incident as we do not store any sensitive data in the third party email software. As always, we recommend users to be aware of potential scam emails that they may receive from any email address.
Bitcasino.io will never ask for your personal or account details in an email, we will never ask users to send funds to wallet addresses described in an email. When playing with us you should always make sure to come directly to https://bitcasino.io.
We recommend all players add two-factor authentication (2FA) to your accounts in Bitcasino.io and anywhere else online. If you ever have any concerns or questions regarding the legitimacy of a Bitcasino promotion or website, our Support Team are available 24/7 to help.
What is Bitcasino doing now?
Currently, we have observed that in 24 hours three transactions were made to the fraudulent wallet addresses, totalling 0.00037299 BTC and 2.0665 ETH. We will continue to monitor the situation and wallet addresses.
We are continuing our investigations with the 3rd party customer email software and evaluating our internal policies for even better, tighter security. We take this incident with the utmost seriousness and will continue to strengthen our security with the help and suggestions by the community and our in-house specialists.
There is however, no excuse for letting this happen and we would like to sincerely apologise to those affected once again.
Who can you contact if you have additional questions?
Please reach out to [email protected] or via our 24/7 live chat at Bitcasino.io