PokerStars

The Vermont Office of the Attorney General disclosed on July 20, 2023, that PokerStars suffered a data breach between May 30 and May 31, 2023. Unauthorized actors gained access to and copied files containing sensitive personal information of customers, including names, addresses, and Social Security numbers (SSNs). The breach exposed critical identifiers that could facilitate identity theft, financial fraud, or targeted phishing attacks against affected individuals. While the exact number of impacted users was not specified in the report, the nature of the compromised data particularly SSNs heightens the risk of long-term harm, including unauthorized credit applications, tax fraud, or other malicious activities exploiting stolen identities. The incident underscores vulnerabilities in PokerStars' data security measures, raising concerns about the adequacy of safeguards for high-value customer information. Regulatory scrutiny and potential legal repercussions may follow, given the sensitivity of the exposed data and the company’s obligation to protect user privacy under data protection laws.

Source: https://ago.vermont.gov/document/2023-07-20-pokerstars-tsg-interactive-us-services-limited-data-breach-notice-consumers

TPRM report: https://www.rankiteo.com/company/pokerstars

"id": "pok1002091725",
"linkid": "pokerstars",
"type": "Breach",
"date": "5/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'Online Gambling / Gaming',
                        'name': 'PokerStars',
                        'type': 'Company'}],
 'data_breach': {'data_exfiltration': 'Yes (unauthorized copying of files)',
                 'personally_identifiable_information': ['names',
                                                         'addresses',
                                                         'Social Security '
                                                         'numbers'],
                 'sensitivity_of_data': 'High (includes SSNs)',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)']},
 'date_publicly_disclosed': '2023-07-20',
 'description': 'The Vermont Office of the Attorney General reported that '
                'PokerStars experienced a data breach potentially affecting '
                'personal information from May 30 to May 31, 2023. The '
                'incident involved unauthorized copying of files containing '
                'names, addresses, and Social Security numbers associated with '
                'PokerStars customers.',
 'impact': {'data_compromised': ['names',
                                 'addresses',
                                 'Social Security numbers'],
            'identity_theft_risk': 'High (SSNs exposed)'},
 'references': [{'date_accessed': '2023-07-20',
                 'source': 'Vermont Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': 'Vermont Office of the '
                                                       'Attorney General'},
 'response': {'communication_strategy': 'Public disclosure via Vermont '
                                        'Attorney General'},
 'title': 'PokerStars Data Breach (May 2023)',
 'type': 'Data Breach'}

PokerStars

Pax8: Cloud marketplace Pax8 accidentally exposes data on 1,800 MSP partners

Dell: Alleged Dell data compromise raises skepticism

Free Mobile: French data regulator fines telco subsidiaries $48 million over data breach