Racing Post site hackers nab data on “hundreds of thousands” of users

racing-post-site-hackedOn Monday, British horse wagering publication the Racing Post confirmed that it would have a strong presence at the ICE Totally Gaming conference when the 2014 event convenes at London’s ExCel venue on Feb. 4-6. Richard Thorp, Racing Post’s head of B2B operations, said the popular Racing Post Café would once again serve as a hub for conference attendees, allowing the company to demonstrate new products to land-based, online and mobile operators.

Sadly, that’s not the main Racing Post headline this week, as the company’s website was subjected to a “sophisticated, sustained and aggressive attack” by hackers on the weekend. Editor Bruce Millington said the hackers had compromised a database containing info pertaining to “hundreds of thousands” of customers but stressed that customers’ credit and debit card info were not stored on the RacingPost.com site and were therefore not subject to the attack. However, customers were advised that usernames, first and last names, encrypted passwords, email and residential addresses and date of birth had likely been compromised.

Millington told TechWeek that “hopefully this is just an inconvenience and mild aggravation rather than anything more than that.” But a subsequent message sent to affected users indicated that despite encryption, “there is still a chance that some passwords can be deciphered” meaning “there is a risk of identity theft.” As a precaution, the company advised users to change passwords used on other sites if similar to the ones used on RacingPost.com.

Millington said the company had done everything in its power to resolve the issue, including temporarily switching off the ability to register or log-on to the site. Millington said the company was “extremely sorry” for the breach and thanked customers for their understanding.