Sensitive data belonging to the FanDuel users was compromised in the recent MailChimp data breach, the of sports betting site has told customers.
An email sent to FanDuel customers confirmed their full names and email addresses were accessed as a consequence of the MailChimp cyberattack, and warning them to stay vigilant against potential phishing attacks.
“Recently, we were informed by a third-party technology vendor that sends transactional emails on behalf of its clients like FanDuel that they had experienced a security breach within their system that impacted several of their clients,” BleepingComputer cited a FanDuel ‘Notice of Third-Party Vendor Security Incident’.
TechRadar Pro needs you! (opens in new tab) We want to build a better website for our readers, and we need your help! You can do your bit by filling out our survey (opens in new tab) and telling us your opinions and views about the tech industry in 2023. It will only take a few minutes and all your answers will be anonymous and confidential. Thank you again for helping us make TechRadar Pro even better.
D. Athow, Managing Editor
Passwords are safe
“On Sunday evening, the vendor confirmed that FanDuel customer names and email addresses were acquired by an unauthorized actor. No customer passwords, financial account information, or other personal information was acquired in this incident.”
While FanDuel didn’t name the vendor in the notification, it later confirmed to media that it was referring to MailChimp.
The company also added that as this wasn’t a breach of its own internal systems, sensitive information including “passwords, financial account information, or other personal information” was not accessed.
While just getting people’s names and emails might not be much, it’s enough for a phishing attack which could be more devastating, and could result in people losing access to valuable accounts, private data, and possibly even money from their devices and endpoints (opens in new tab). Now, FanDuel is warning its users to keep both eyes open:
> Crypto wallet data breach compromises hundreds of thousands of users (opens in new tab)
> These are the best firewalls right now (opens in new tab)
“Remain vigilant against email “phishing” attempts claiming an issue with your FanDuel account that requires providing personal or private information to resolve the problem,” the notification further claims. “FanDuel will never email customers directly and request personal information to resolve an issue.”
FanDuel also urged its customers to regularly update their passwords, and to make sure those passwords are strong and not used on other platforms at the same time. Furthermore, it told everyone to activate multi-factor authentication (MFA) if they hand’t already done so.
- Check out the best ID theft protection solutions (opens in new tab)
Via: BleepingComputer (opens in new tab)