Cybersecurity Breach at Malta Gaming Authority: Hacker Threatens Data Release
A high-profile hacker, known as Wittmann, claimed responsibility for a cyberattack on the Malta Gaming Authority (MGA) in a LinkedIn post published on 20 March. This marks her second major breach in the gambling sector, following a 2023 incident involving Merkur’s systems that led to the shutdown of several offshore sites.
In her post, Wittmann accused the MGA of enabling organized crime while masquerading as a legitimate regulator. She stated that stolen data had already been shared with media and authorities, warning that any attempt to extradite her to Malta where she could face up to 10 years in prison would trigger the public release of the full archive of iGaming-related files. Wittmann framed the hack as a necessary act for public transparency, asserting that the exposed information would eventually be seen as justified.
The MGA responded on Tuesday, acknowledging the breach and describing the intruder as someone posing as a security researcher. The regulator confirmed it was treating the incident with urgency, collaborating with technical teams and law enforcement to assess the impact. Further updates for affected entities were promised.
The incident raises concerns about regulatory vulnerabilities in the gambling sector and the potential exposure of organized crime ties. The outcome remains uncertain as authorities weigh legal actions against Wittmann.
Source: https://next.io/news/regulation/ethical-hacker-mga-data-breach-organised-crime/
Malta Gaming Authority cybersecurity rating report: https://www.rankiteo.com/company/malta-gaming-authority
"id": "MAL1774038575",
"linkid": "malta-gaming-authority",
"type": "Breach",
"date": "3/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Gambling/Regulatory',
'location': 'Malta',
'name': 'Malta Gaming Authority (MGA)',
'type': 'Regulatory Authority'}],
'data_breach': {'data_exfiltration': True,
'sensitivity_of_data': 'High (alleged organized crime ties)',
'type_of_data_compromised': 'iGaming-related files'},
'date_publicly_disclosed': '2024-03-20',
'description': 'A high-profile hacker, known as Wittmann, claimed '
'responsibility for a cyberattack on the Malta Gaming '
'Authority (MGA). Wittmann accused the MGA of enabling '
'organized crime while masquerading as a legitimate regulator. '
'She stated that stolen data had already been shared with '
'media and authorities and threatened to release the full '
'archive of iGaming-related files if extradited to Malta. The '
'MGA acknowledged the breach and is collaborating with '
'technical teams and law enforcement to assess the impact.',
'impact': {'brand_reputation_impact': True,
'data_compromised': True,
'legal_liabilities': True},
'investigation_status': 'Ongoing',
'motivation': 'Public transparency, exposure of alleged organized crime ties',
'references': [{'date_accessed': '2024-03-20',
'source': 'LinkedIn Post by Wittmann'}],
'regulatory_compliance': {'legal_actions': 'Potential extradition and '
'prosecution (up to 10 years in '
'prison)'},
'response': {'communication_strategy': 'Public acknowledgment and updates '
'promised',
'incident_response_plan_activated': True,
'law_enforcement_notified': True},
'threat_actor': 'Wittmann',
'title': 'Cybersecurity Breach at Malta Gaming Authority: Hacker Threatens '
'Data Release',
'type': 'Data Breach'}