Listen To Article
PlayNow has issued an advisory to all its users to update their account passwords following a recent security incident. On 24 July 2024, the platform detected an unusually high volume of traffic, which was later identified as a “credential stuffing” attack.
In this type of cyberattack, criminals attempt to access user accounts using email addresses and passwords previously exposed or stolen from other companies’ databases. The attack exploits the common practice of users employing the same login credentials across multiple websites.
Commenting on the incident, Pat Davis, BCLC President and CEO, stated: “This is a deeply concerning incident and a cautionary tale for everyone with multiple online accounts.
“Our investigation remains ongoing, and we have found no evidence that our systems have been compromised, or that player login information was stolen from our systems.
“Integrity and security are at the core of our business and our games. We are committed to continuing our ongoing evaluation and enhancement of PlayNow security controls to maintain the safety of our players’ information going forward.”
As an immediate response, PlayNow locked affected accounts and implemented measures to block the suspicious traffic. The company has also notified relevant authorities, including privacy commissioners and gaming regulators in British Columbia, Manitoba and Saskatchewan.
As a precautionary measure, PlayNow is advising all users to change their passwords and ensure they are not using the same passwords across multiple sites.
In related news, Marina Bay Sands reported a similar security incident at the end of last year. The incident involved a data breach that affected around 665,000 non-casino rewards members.
