Irish gambling site reveals data breach

An online Irish gambling website said Thursday that data on 649,055 of its customers was hacked in 2010, although no financial information or customer passwords were accessed in the hacking incident.

Dublin-based Paddy Power P.L.C. said in a statement the full extent of the 2010 data breach became known to the company in recent months when it took legal action in Canada with the assistance of the Ontario Provincial Police to retrieve the compromised data from an individual.

The company’s statement said the hacked data contained individual customers’ names, usernames, addresses, email addresses, phone contact numbers, dates of birth and prompted questions and answers.

“Customers’ financial information such as credit or debit card details have not been compromised and is not at risk. Account passwords have also not been compromised,” said the statement.

The company said account monitoring has not detected any suspicious activity to indicate that customers’ accounts have been adversely affected in any way.

Paddy Power said it is contacting the affected customers, who are being advised to review other sites where they use the same prompted question and answer as a security measure and update where appropriate.

“Paddy Power takes its responsibilities regarding customer data extremely seriously, and it is deeply regrettable that this breach happened,” it said.