DraftKings Respond to Cyberattack and Data Breach

Latest News

The week before Thanksgiving last year, DraftKings fell victim to a comprehensive data breach, affecting nearly 68,000 customers. Since then, DraftKings has opened up more about the cyberattack and shared details with the sports betting industry. 

They have identified the attack and determined the cyberattack was possible through a method known as “credential stuffing.” This is when the hacker obtains customers’ information from a non-DraftKings source (social media login information, for example) and then uses that information to access their online sports wagering account. This is an effective strategy because often individuals use the same credentials for various accounts. 

A notification letter sent to compromised customers read, “Based on our investigation to date, we believe that attackers may have previously gained access to your username or email address and password from a non-DraftKings source and then used those credentials to access your DraftKings account.”

The goal of this type of attack is to gain access to as many accounts as possible to steal personal and financial information. Directly following the attack, DraftKings notified customers to reset their passwords and to take a close look at their account activity, following up if they noticed anything out of the ordinary.

GeoComply Partnering With the Sports Betting Industry

The company GeoComply is primarily known for its geolocation data services. The company also does a significant amount of work to help combat fraud in the industry. The company has partnerships with 99% of the sportsbooks in North America. Brands like BetMGM, Caesar’s, FanDuel, 888 Holdings, Churchhill Downs, DraftKings, and many more. 

GeoComply prides itself on its innovative anti-fraud, geolocation compliance, and Know Your Customer (KYC) technologies. The company uses location information, device data, and behavior signals to combat fraud. Its geotracking technology is so precise it can provide location data that is one to two meters from accuracy. 

During the intrusion, customers reported being unable to log in to their sports betting accounts. This is not uncommon during a cyber attack, as cybercriminals often change passwords once logged into accounts. This breach is similar to what you would see in banking account intrusions. GeoComply often deals with account takeovers as a type of cybercrime. 

Why is Geolocation Tracking Data Important?

If a customer is using DraftKings and frequently places bets from their home and suddenly there is a bet placed from their account from a different state, this is an immediate red flag. With GeoComply’s database, it’s able to identify if that location may be linked to multiple other fraudulent activities. 

Simon Marchand, a GeoComply vice president, said, “If we see 400 transactions across 20 devices in an hour in a garage, there’s obviously something fishy happening there,”

Another example could look like an account withdrawal request to a location that is not close to the customer’s home. This is another clear example that an account has been taken over by a cybercriminal. Hence why precise geolocation data is massively important for the sports betting and online casino industry. 

Director of Risk Services Sharing High-Level Information

An additional resource that GeoComply has is its senior director of risk services, Danny DiRienzo.

DiRienzo has 14 months of experience as a sports gaming investigator with the Tennessee Education Lottery Corporation (TELC) and before that 20 years in the US Secret Service under his belt. As a special agent, he focused on network intrusions, money laundering, bank fraud, and more. 

DiRienzo hosts a monthly meeting with law enforcement which gives everyone the chance to exchange valuable information regarding ongoing investigations. In addition to meeting with law enforcement officials, DiRienzo also meets with gaming operators to gain additional insight on issues pressing the industry, helping GeoComply better serve its customers. 

Account Takeovers Remain a Threat to the Industry

Since DraftKings’ attack in November, we have discovered that several major operators were also targeted. Companies such as FanDuel and BetMGM reported cybersecurity breaches around the holidays. With the potential for a global recession on the horizon, GeoComply suspects internet fraud and cybercriminal activities to increase. With the greater potential for “opportunistic fraud” during an economic crisis. “That’s why fraud experts will never be out of a job,” Marchand said. “They will always be kept busy with a new attack.”

Mac Daniel is a writer for PlayOnlineCasino and PlayOnlineSportsBetting. He has experience writing about a wide variety of topics, including healthcare, tourism, non-profit organizations, and most recently casino and sportsbetting news. To check out more of his work, visit: playonlinemichigan.com