Security Newsletter

13 January 2020

The Difficulty of Disclosure, Surebet247 and the Streisand Effect

SureBet247, a popular sport betting company based in Nigeria was victim of an incident related to the data protection of its users that would have put thousands of records stored by the company at risk. An anonymous user discovered the information exposed on the public Internet, who reported the find to Troy Hunt, a security researcher and founder of the Have I Been Pwned platform. After attempting to contact SureBet247 without success, the researcher decided to share the find with the cybersecurity community.

This incident has been particularly frustrating for both Hunt and the anonymous informant, who have repeatedly tried to contact the company; on the other hand, SureBet247 has not commented on the incident in any way, so investigators ignore whether the company was even aware of this serious breach of the data protection of its users. Based on Hunt’s reporting, the International Institute of Cyber Security (IICS) finds it unlikely that the company will implement an appropriate security incident management process or even notify all potentially exposed users. Given the company’s irresponsibility, customers are advised to reset their access passwords to the SureBet247 platform, in addition to monitoring their bank accounts for any suspicious activity.

"This is a blog post about disclosure, specifically the difficulty with doing it in a responsible fashion as the reporter whilst also ensuring the impacted organisation behaves responsibly themselves. It's not a discussion we should be having in 2020, a time of unprecedented regulatory provisions designed to prevent precisely the sort of behaviour I'm going to describe in this post. Here you're going to see - blow by blow - just how hard it is for those of us with the best of intentions to deal with organisations who have a very different set of priorities. This is a post about how hard disclosure remains and how Surebet247's behaviour now has them experiencing the full blown Streisand effect."

 

More #News

 

#Patch Time!

 

#Tech and #Tools

Kindred Group is growing, so does the Group Security team! We're looking for new talented professionals to come join us. You can find all our open vacancies on our career page.

This content was created by Kindred Group Security. Please share if you enjoyed!

Kindred Group in brief

Kindred is one of the largest online gambling companies in the world with a diverse team of 1,600 people serving over 26 million customers across Europe, Australia and the US. We offer pre-game and live Sports betting, Poker, Casino and Games through 11 brands across our markets. We are committed to offer our customers the best deal and user experience possible, while ensuring a safe and fair gambling environment. Kindred is a pioneer in the online gambling industry and is an innovation driven company that builds on trust.