Do Betting Sites Get Hacked?

hacker code on a laptopSecurity is one of the biggest concerns when it comes to any online website, especially those that deal with money. Betting sites fall into this category, of course, and for many people, the first thing they seek out when thinking of a platform to join is whether or not the site in question offers maximum security. Only with this being confirmed will some players feel 100% comfortable to deposit and play the games or place sports bets at such a site.

But it does beg the question as to whether betting sites ever do get hacked into like other websites sometimes do. After all, they pretty much operate in the same way. And even though these betting sites should be employing the top level of security and encryption technology, it doesn’t mean that such platforms are totally guaranteed to be safe against knowledgeable and sly computer hackers.

If you think about it, an online gambling website requires you to make deposits into an account so that you can play real money games or place real money wagers on events. This requires a transaction to take place, then the money to be stored for you to be able to use it, and then, when the time comes, another transaction to take place when you want to withdraw funds. And it’s not only the money that you are depositing and withdrawing that could be an issue, these sites also store your personal data. Perhaps a hacker simply wants to commit data fraud by stealing all of your details – name, address, date of birth, telephone number, email address, and so on.

Is It A Possibility?

woman shocked looking at computer following data theft

Yes, it is possible for an online betting site to be hacked by someone. That is very much the same for any business, brand, financial institution or anything else operating online. In October of 2021, it was reported that Barclays Bank was hacked by cyberthieves who were utilising a Monzo account. This led to them swiping millions of pounds from Barclays accounts. If a bank like this can be hacked into, then pretty much anything is fair game when it comes to a hacker’s mentality.

Just because something is possible, though, doesn’t make it a regular occurrence and the first thing to note is you are highly, highly unlikely to have an account hacked at a licensed betting site.  It is part of licensing conditions that operators have to have sufficient protections and policies in place to prevent data theft or money itself being stolen.  Unfortunately the same cannot be said of all unlicensed betting sites, which is another reason why you shouldn’t use them despite them sometimes seeming to be an attractive option.

Of course, most people don’t have the knowledge or expertise to really engage in computer hacking. There are just select individuals or groups around the world who engage in such practice, and clearly have specific targets in mind when they set out to hack and steal from online companies. Hacking is not child’s play and takes time and effort that only someone with a hacker’s mind can really successfully engage in.

It is absolutely possible for betting platforms to be attacked online. Popular betting brand William Hill has previously found itself on the receiving end of a cyber attack. In 2016, a series of attacks targeted big-name brands like Twitter, Netflix and The Guardian newspaper, with William Hill also being a part of that list of affected brands. According to the gambling company, it found itself under a Distributed Denial of Service Attack (DDoS), which is when a website is flooded with so much traffic that it hampers normal functionality and locks users outside the system.

Bettors were left fuming when they weren’t able to place bets on Manchester city versus Barcelona or Arsenal versus Ludogorets football games. The DDoS attack left William Hill missing out on around £3 million of revenue, and it was said that the origin of such came from within Russia and China.  Significantly, however, this attack was designed to disrupt the operation and hamper revenue rather than to steal any user data.

More recently, the iGaming brand Super Casino suffered from a leak of information regarding its customers. The company was hacked, and various pieces of customer information was stolen by the offenders. Super Casino was quick to point out that no passwords or financial data were lost during the attack, although the fact that peoples’ personal data was leaked caused some damage for those affected. Users were swiftly advised to change their login details as extra security following the 2020 breach.

Another big-name casino brand that was targeted and affected by hacking was the United States operator MGM Resorts International. A statement released by the company in February 2020 stated that MGM had suffered a data breach the previous year. This came about following an earlier report, which claimed the details of more than 10.6 million hotel guests at The Bellagio Hotel and Casino owned by MGM had been compromised. Again, it was stated that no financial, payment card or password data had been stolen via the incident, and that the majority of information that leaked was in relation to the guest names and phone numbers. The details were published on a hacking forum in February, with information on celebrities, CEOs of technology companies, reporters and even government officials being present.

And if you think you’re safe if you go betting at a land-based venue, think again. A report by The Sun in 2018 stated that hackers had hijacked a physical casino’s high-tech fish tank in order to steal various data from within! The hackers, who were based in Finland, managed to transfer about 10 gigabytes of data from a U.S. casino’s high-roller database by breaching the smart thermometer built into the aforementioned fish tank. While the casino was utilising that device to monitor the water in the aquarium located within the lobby, the hackers managed to pull the high-roller database across the network, out through the thermostat and up to the cloud, according to Nicole Eagen, CEO of Darktrace – a British machine learning cyber-defence start-up.

Most Data Theft Is On A Personal Level

malware red letters warning signsDespite these few examples most criminals will tend to set up fake copies of sites rather than go to the hassle of trying to hack secure systems.  They can email people pretending to be from a well known brand asking them to login or provide details but direct them to a fake copy of the real site.  Even if they don’t have a database of users they know a certain number of people they email, call or text may have an account and may be duped into the scam.

Other ways criminals can get their hands on these details include when logging in when using a public wi-fi network or by installing malware on the devices you use to login to gambling sites or apps.  Essentially 99% of fraud conducted in this way is done on the micro scale by tricking individuals to reveal details rather than through some serious database hacking event.

Sites Have Security But Protect Yourself Too

secure payments

Obviously, the incidents mentioned above have occurred in different moments, and these types of attacks are not specifically hugely common within the gambling world. Betting sites usually employ high-level security to ensure that your personal details, deposited funds and everything else are kept protected. And there are additional things that you can do to try and protect what you have within your betting account. Of course, it is always ideal to have a good password in place on your account, featuring letters, numbers and special characters.

It is also important to stay alert for malware. This exists as anything that has been added to your device which you did not install or put there purposely. Malware usually has the sole intention of stealing from you or using you for ransom, often just for the hell of it. This can be included in what would seem to be (or often are) completely innocent downloads. The worst type of malware for those participating in online gambling is known as a key-logger. It is these that run in private in the depths of your computer system, simply keeping a log of every key you touch. Someone can then read back over the log and find out details like your passwords, usernames, any PINs and so on. That data can then be broadcast any which way. To tackle malicious malware, you really need to purchase a good antivirus program, make sure your software is updated frequently and be certain not to download anything that you don’t trust.

Make sure that you also protect yourself from phishing, which often occurs through unsolicited emails. Just because the email looks like it is from your bank or credit card supplier, for example, doesn’t mean it actually is. You should never be asked to supply your personal information via email, and if you are, then there is a strong chance that this is a phishing scam. Avoid these emails at all costs because you could be giving away vital information regarding your casino or betting account in the process.

The online gambling companies should also do their best to protect you, your data and your transactions. When visiting an online betting site, you should always make sure that it is utilising top-quality security for your benefit. Through such, your payments will always be sent in encrypted format, making it difficult for hackers to breach them.

Additionally, a legitimate online casino to sportsbook will have a privacy policy for you to read, which informs you of how your data is used and stored. As long as a platform gives you an insight into how it is protecting you via these steps, then it can usually be considered as trustworthy. And while it won’t definitively stop a hacker from getting their hands on information, it increases the difficulty of them being able to acquire it.  Also as mentioned earlier, bet with licensed sites who have to offer protection rather than unlicensed ones that don’t.

Gambling Hacking Stories


Hacking is not something that is confined to specific areas or specific countries. In 2020, it was reported that a group of professional hackers based in China had been targeting and hacking online gambling companies since the previous year. Reports were published by cyber-security firms Talent-Jump and Trend Micro, which confirmed that gambling brands located in Southeast Asia had been the victim of these attacks.

Rumours also circulated about further hacks coming from within Europe and the Middle East. Through those hacks, it was said that company databases and source code were both stolen, but no money was taken in the process. According to the security firms, the attacks had been carried out by a group called DRBControl. That hacking group utilised something known as Clambling – a custom malware specifically created for targeting gambling companies operating online.

Another instance of hacking occurred when SBTech was forced to shut down its operations as a preventative measure. That was enacted in March of 2020 and affected numerous websites operating on the SBTech platform. Naturally, this affected customers’ ability to place bets or even login to their online accounts, while SBTech utilised the downtime to upgrade its security and encryption technology. It wasn’t made clear what type of attack had occurred that forced the company to take such action, although reports suggested that it was a type of ransomware. This type of attack sees hackers try to steal company information and code, with casinos often being targeted by such due to their large pools of data. Financial or personal information of players can then be taken advantage of by the hackers. Fortunately, SBTech put the correct measures in place so as to mitigate losses.

That being said, SBTech was informed it would need to set aside £25 million in cash and stock so as to be able to settle any claims relating to the cybersecurity issue. The powerdown managed to affect multiple U.S. sites, like the Bet America sportsbooks located in Indiana, New Jersey and Pennsylvania. That cyber attack also forced a change to the merger deal it had set up with the DraftKings brand, which was pushed back a couple of weeks. (In the end, DraftKings was investigated over its acquisition of SBTech due to a short-seller report).

Such hacking attacks are never good for online gambling companies, as not only does it affect their capabilities of being able to provide their services to the online community, but it risks the leak of players’ personal data. In such circumstances, there is always a likelihood that some players will become disenchanted with the platforms they have chosen to bet at. After all, security breaches are bound to leave you second-guessing whether or not you want to remain active at a platform that isn’t able to provide you with enough of a sense of security.

Related Posts