Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.
DraftKings data breach overview:
- Who: DraftKings disclosed that more than 67,000 of its customers had their personal information exposed during a November data breach.
- Why: DraftKings says the data breach was the result of a credential stuffing attack conducted by bad actors making login attempts using credentials stolen from an outside source.
- Where: Nationwide.
DraftKings has disclosed that more than 67,000 of its customers had their personal data exposed during a November data breach.
The data breach, disclosed by DraftKings last week, was the result of a credential stuffing attack conducted by bad actors using stolen credentials to make as many as millions of attempts to login to DraftKings accounts, reports Bleeping Computer.
In a data breach notification letter filed with the office of the Main Attorney General, DraftKings explained that unauthorized access to accounts had been obtained by using login details stolen from an outside source.
“Based on our investigation to date, we believe that attackers may have previously gained access to your username or email address and password from a non-DraftKings source and then used those credentials to access your DraftKings account,” the company said.
Personal information that could have been exposed in the data breach includes, among other things, the name, address, phone number, email address, profile photo, and the last four digits of DraftKings customers’ payment card.
DraftKings says no evidence Social Security numbers, driver’s license info, or financial account numbers exposed
DraftKings reassured its customers, meanwhile, that the company found no evidence that any Social Security numbers, driver’s license information, or financial account numbers were exposed in the data breach.
“While bad actors may have viewed the last four digits of your payment card, your full payment card number, expiration date, and your CVV are not stored in your account,” DraftKings said.
DraftKings said, upon discovering the data breach, that it “promptly took steps” to address the incident such as by, among other things, requiring affected customers to reset their passwords and implementing additional fraud alerts.
As much as $300,000 in funds that were inappropriately withdrawn as a result of the data breach were also refunded to customers by DraftKings, reports Bleeping Computer.
In June, DraftKings was hit with a class action lawsuit by a consumer arguing the company failed to make its website fully accessible to individuals who are blind or visually impaired, in violation of the Americans with Disabilities Act.
Have you been impacted by the DraftKings data breach? Let us know in the comments!
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
4 thoughts onDraftKings data breach exposes data of 67K+ customers
Fraudulent transaction of hundreds of dollars to Draftkings was just reported to me. I’ve never bet on fantasy sports of any kind. Curious to see where this goes and who all was affected.
DraftKings explained that unauthorized access to accounts had been obtained by using login details stolen from an outside source.
This statement from Draftkings is completely false. My draftkings & FanDuel accounts r both locked & cannot be revoked. Yet both scam companies r still taking money out of my bank account. If my accounts r locked, not only can I not get into them neither can anyone else. They r the ones taking my money & trying to blame hackers. They have over 832 complaints against them per BBB. They aren’t even BBB accredited. They r trying to blame people are hacking into peoples accounts when it’s them. Per their terms they have the right to share any & all of your personal information with third parties & anyone else they seem deemed fit. They need 2 b shut down immediately. They r ruining peoples lives. More importantly our state is worried about how much money they can make instead of how people r becoming addicted to gamble, losing their homes, families being ruined & some committing suicide. Is money that important. Shame on the people that allow these scam online casinos to continue to operate. Close them down.
I was wondering what I could do about while I was in prison they had us lady’s take off our bra’s and strip search plus pat down with male guards present during the search.
I am curious if I could have a case on having a tumor the size of a baseball putruding from my cervix and I almost bleed to death because ECO medical clinic in henryetta Oklahoma could not figure it out for almost a year and I had another hospital send me to Tulsa osu medical center and then it was finally found and fixed. I had used Johnson and Johnson baby powder and round up weed killer plus I had just got out of prison under going the treatment in there.