UK igaming operators would be smart to increase vigilance around data and the rising threat of fraud as the nation was rocked by breaches to Santander and Ticketmaster. 

Computer hacker group ShinyHunters has claimed responsibility for the breaches, in which payment information of millions of Santander and Ticketmaster customers was gained and reportedly advertised on the dark web. 

Emphasising the impact that the ripple effect from the breaches could have on the gambling industry, Ted Orme-Claye, the Editor of PaymentExpert, told CasinoBeats: “The hacks at Santander and Ticketmaster emphasise that even the most renowned institutions remain susceptible to fraud and cyber attacks. 

“The attacks highlight the vulnerability of amassing huge data sets with extensive personal details about customers, including payments information.

“Companies that operate within high-risk spaces, specifically igaming, should pay close attention to these developments and increase vigilance when it comes to the cyber-security threats present in today’s highly digitised ecosystem.

“In the aftermath of this spate of high-profile breaches, it is imperative that igaming firms prioritise the security of their consumer’s data as the long-lasting impact of security shortcomings are devastating to brands and consumers alike.” 

Santander however moved to reassure customers that credentials obtained in the breach wouldn’t be sufficient in enabling transactions to take place. 

A statement from Santander read: “We recently became aware of an unauthorised access to a Santander database hosted by a third-party provider. 

“We immediately implemented measures to contain the incident, including blocking the compromised access to the database and establishing additional fraud prevention controls to protect affected customers.

“Following an investigation, we have now confirmed that certain information relating to customers of Santander Chile, Spain and Uruguay, as well as all current and some former Santander employees of the group had been accessed. Customer data in all other Santander markets and businesses are not affected.

“No transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords. The bank’s operations and systems are not affected, so customers can continue to transact securely.”

According to reports, the sale of the Santander data was advertised shortly after ShinyHunters claimed to have hacked the Ticketmaster platform. 

As a result of both hacks, the group has made claims to have accessed the names, addresses, phone numbers and partial credit card details of 560 million customers.

Jack Chapman, SVP of Threat Intelligence at Egress commented: “While it remains unconfirmed whether ShinyHunters are the actual perpetrators of the breach, Santander has confirmed that 30 million customers’ data has been stolen. Following the Ticketmaster breach last week, we are all asking the same questions: Are the ShinyHunters actually responsible? If so, where are these global organisations’ vulnerabilities, and are both breaches linked to the Snowflake hack?

“The one thing we do know for certain is that the consumers whose data has been exposed in both instances should remain vigilant for any unusual emails, phone calls, and messages in the coming weeks, especially those urging them to act quickly and share personal details. Individuals should also consider adding an extra layer of security to personal accounts, such as multi-factor authentication (MFA), to reduce the risk of unauthorised access.”

He went on to emphasise that if the snowflake breach is the missing link between two high-profile breaches, it should be “a stark reminder to all organisations about the severe repercussions that credential theft can have”. 

Further underlining this, recent research suggests that 58 per cent of organisations experienced account takeovers in 2023, with 79 per cent of these incidents starting from a phishing email that harvested employees’ credentials.

Chapman continued: “To double down on preventing incidents such as credential theft over email, companies should invest in AI-based cybersecurity solutions alongside robust and individualised security coaching that’s tailored to the jobs employees do and the real threats they face. In addition to this, cybersecurity leaders should consider a thorough evaluation of any potential vulnerabilities in their security posture above and beyond email.

“Given the escalating scale of these breaches, organisations must act decisively to fortify their defences. The message is clear: cyberattacks are becoming more targeted, and no organisation is immune. Companies must prioritise robust and intelligent security measures to protect sensitive data and uphold consumer trust—failure to do so is simply not an option.”