The B.C. Lottery Corporation has issued a warning to PlayNow account holders after detecting a credential stuffing attack on the gambling website. On July 24, a suspiciously high volume of traffic was identified, leading programmers to conclude that hackers were attempting to gain unauthorized access by using stolen emails and passwords from other sites. This tactic exploits the common practice of users reusing credentials across multiple online accounts, making it easier for attackers to breach security.
In response to the attack, PlayNow took immediate action by locking affected accounts and notifying users about the potential threat. The company has reassured players that there is no evidence suggesting that their systems were compromised or that login information was stolen directly from PlayNow. This incident serves as a reminder for users to adopt stronger security practices, including updating passwords and avoiding the reuse of credentials.
The BCLC president, Pat Davis, described the incident as a “deeply concerning” event that underscores the importance of online security. An ongoing investigation is being conducted, and relevant authorities, including provincial and federal privacy commissioners and the RCMP, have been notified. PlayNow is committed to ensuring the integrity and security of its operations and has emphasized its dedication to enhancing security measures to protect player information.
As the investigation continues, PlayNow is urging account holders to take proactive steps by changing their passwords and implementing stronger security practices. The company is focused on maintaining a safe online environment for its users and will continue to evaluate and enhance its security controls. This incident highlights the growing threat posed by credential stuffing attacks and the critical need for users to remain vigilant in safeguarding their online accounts.
Reference: