- Draftkings accounts were committed by landfill or brute force attack on September 2, 2025.
- The exposed data include names, emails, telephone numbers, payment card digits and accounts.
- Customers are urged to restore passwords, enable 2FA and monitor credit reports to detect fraud.
The Draftkings gambling company warned some of its users that their accounts were pirate and that some of the confidential data stored there were accessed.
In a data violation notification letter published on the official Commonwealth of Massachusetts, Draftkings explained that their systems were not violated and that it was a landfill of credentials or a brute force attack that occurred on September 2, 2025.
“However, by stealing the login credentials of a source that is not draftkings and using them in this attack, it is possible that the bad actor has been able to log in temporarily in the accounts of certain draftkings customers,” reads the letter. “It is important to note that our research to date has not observed evidence that their login credentials have been obtained from draftkings or that draftkings computer systems or networks have been raped as part of this incident.”
Didn’t anything “sensitive” stole?
The company did not say how many people were affected by the attack or who attacked them. He said that the exposed data includes names of people, birth dates, telephone numbers, email addresses, last four digits of their payment cards, profile photos, information on previous transactions, account balance and the date of the last password change.
It is a lot of information and can be used in all kinds of malicious ways. The attackers can use it in financial fraud, identity theft, appropriation of accounts, directed pHishing, SIM exchange attacks, social engineering and, ultimately, extortion.
Draftkings emphasized that “sensitive” information from customers, such as identification numbers issued by the Government, complete numbers of financial accounts or “other information that would allow the bad actor to commit identity theft or access the bank accounts of our clients” were not accessed. “
Now it urges customers to restore their login credentials, configure two factors authentication and implement additional security measures. He also asked them to review their accounts and credit reports and consider placing safety freezes and fraud alerts.
Through Pitidocomputadora
Follow Techradar on Google News and Add us as a preferred source To receive news, reviews and opinions of our experts in their feeds. Be sure to click on the Follow button!
And of course you can also Keep PakGazette in Tiktok For news, reviews, video aboxings and receive periodic updates on our part in WhatsApp also.
You may also like
