TwoPlusTwo forum hacked

cropped-istock_000012299872medium.jpgPlayers are being asked to exercise caution in what they post in the TwoPlusTwo forum and some have been advised to change their passwords.

Any question of a hack should mean all users would be sensible to change their passwords and to something they do not use elsewhere, that is robust and does not contain dictionary words. If you would like some guidance on the best way to do this, try our main blog here.

If you would like to read the whole story, click here.

Advertisements

GDPR and the Gambling Industry

The EU’s General Data Protection Regulation (GDPR) is going to affect all businesses trading in or through the EU and the UK gambling market will also feel it’s impact.

The UK has its own Data Protection Act and the EU Data Protection Directive has been in place since 1995.  But developments in technology and business models have left the rules out of date in many ways and so an overhaul was overdue.

For Gambling, there will be a lot of things to think about and we can’t cover everything in a blog post. But here is some food for thought or a starter at least. You know where we are if you need us.

GDPR will impact all Gambling providers and non-EU providers need to be extra vigilant and take care not to breach these regulations. Most of the regulations are not new but the requirement for compliance will be enforced and a fine of up to 4% of the previous year’s global turnover (or €20,000,000 which is the new, greatly increased, ceiling) for a serious data breach.

Data subjects must be clearly notified their information is being collected and or processed and for what specific purpose. There must be a clearly defined reason for collecting the data that the subject is completely aware of.

Once you have the subjects data, you can only hold and use it for the purpose you collected it for and for no longer than it is required for that purpose. The data subject also needs to to totally clear on who they have lent their data to.

If any ‘data profiling’ takes place, the subject should be informed and of any of the consequences that may arise from it. There should also be a mechanism for the data subjects to withdraw their consent to use their data.

Operators will also be required to notify data subjects within 72 hours of a breach of un-encrypted data.

Stack of Chips

You can get us at http://www.advent-im.co.uk

0121 559 6699 / 0207 100 1124

bestpractice@advent-im.co.uk

Understanding the motives in attacks

ddos attacklReading a recent story about the sentencing of a UK teen for carrying out a Distributed Denial of Service (DDoS) attack on an online casino, we were reminded of how important it is to understand and scope all of the motivations for carrying out cyber attacks.

An apparently disaffected young person, with no other intent other than to gain notoriety or ‘see if they can’, is as real a threat to an online casino as a determined criminal seeking to harvest credit card details. It has cost the business money and inconvenience, the only good thing to be said about it is that apparently no customer details were compromised.

generic_jail_prison_barsOther details of the teen in question included his collection of weaponry bought over the internet from China. His sentence may have been suspended but interest in him and his online habits are unlikely to be…

If you would like to read the whole story click here.

US accuses Iran of Las Vegas Hack….

Full story here from The Register 

US director of National Intelligence James Clapper has accused Iran of the 2014 hack of the Las Vegas Sands casino.

This attack bought down parts of the gambling giant’s IT infrastructure, like email, but they assured users that personal information such as credit cards were not vulnerable…

Watch out for those iPhone/iPad phishing emails


ID-10067364For reasons far too dull to expand upon, there were no Apple products in my stocking this year. I have however, had a mountain of email telling me to click through various links in order to re-register my iPad, to download a free app or piece of music, and a variety of other things. Also for my iPhone (that I don’t have) a variety of free apps and other vital pieces of software I must have/register or otherwise obtain. I hope that you have not been subjected to any of this opportunistic phishing. For that is what it is.Given that Apple products dominated Christmas this year in terms of phones and tablets, it looks like a safe bet for a phisher. Add to that some of the recipients might be kids/inexperienced/slightly merry on Christmas day and therefore more likely to click an unexpected link or file and thereby deliver the toxic payload or whatever the email was designed to do..

At this point I would refer you to my previous post about making sure you are allowed to use your device on your employers networks, before you actually do. Especially if you have not been careful about what you have clicked on when you had your party hat on…

Happy 2015 everyone.

Multi million dollar poker game halted by cyber attack

1,937 participants in Winning Poker Tournament (WPN) mega event have been left disappointed as a cyber attack has caused the tournament to be stopped.

The Distributed Denial of Service (DDoS) attack swamped and disrupted initial games and WPN had no choice but to shut down and refund early players. No responsibility for the attack has been established as yet.

The event has been re-scheduled for February.

More details and original story can be found on the online casino reports website.

ddos attackl

IFSEC top 40 most influential in Security – Mike is at Number 8!

http://www.ifsecglobal.com/top-40-influential-people-security-results-just-ifsec-international-2014/#comments

Well done to our MD, Mike Gillespie for making into the Top 10 of the Most Influential in Security 2014.

This has been a great week at IFSEC for Mike. His presentation on UK Cyber Security Posture was very well received and we will be voicing over a version for the website and youtube soon. Getting into the top ten of this prestigious list is a great achievement.

Cork Shot Out From a Bottle of Champagne