DraftKings denies platform breach, says about $300,000 stolen from compromised accounts
Gambling giant DraftKings has confirmed that about $300,000 was stolen from compromised customer accounts on the platform but says that its own systems were not breached.
In a statement to The Record, DraftKings co-founder Paul Liberman said the company is aware that “some customers are experiencing irregular activity with their accounts.”
“We currently believe that the login information of these customers was compromised on other websites and then used to access their DraftKings accounts where they used the same login information,” Liberman said.
“We have seen no evidence that DraftKings’ systems were breached to obtain this information. We have identified less than $300,000 of customer funds that were affected, and we intend to make whole any customer that was impacted.”
He added that the site was encouraging customers to use unique passwords on the platform and on all other sites.
They also urged customers not to share passwords with anyone, “including third party sites for the purposes of tracking betting information on DraftKings and other betting apps.”
Several people who had their accounts breached spoke to Action Network, telling the site that they noticed charges from DraftKings ranging from $400 to $4,500.
On Twitter, hundreds of customers complained about having their accounts breached, arguing that they used unique passwords and did not share them with anyone.
DraftKings shares fell as much as 11% on Monday after reports began to emerge of accounts being hacked.
The situation prompted other gambling platforms like FanDuel to email their own customers about the situation.
FanDuel reminded customers about “the importance of good cybersecurity hygiene” and similarly encouraged users to have unique passwords and enable multi-factor authentication.
“Bad actors take advantage of the holiday season to strike when people are busy spending time with their families,” they said.
“Please stay vigilant and immediately report any suspicious activity by contacting FanDuel customer support either in the app or via our support site support.fanduel.com.”