Confidential Information Stolen From Gambling Giants Ladbrokes.

 

 

Records containing the confidential data of more than one million British gamblers, who have previously set up accounts with gambling giants Ladbrokes, have been stolen and reportedly offered for sale to The Mail on Sunday.

 

A criminal investigation is now underway looking into how confidential information could have been obtained by sources outside the Ladbrokes group. The Mail on Sunday has claimed to have received the personal information of more than 10,000 gamblers and subsequently offered the additional details of a further four million individuals. Victims are both UK and foreign nationals.

 

Ladbrokes have now been notified of the breach in security and the customer information forwarded on to the Information Commissioner’s Office (ICO), who are the British watchdog for private data sharing, they will begin their own investigation straightaway.

 

Included in the details that were forwarded to the Mail on Sunday were the private addresses, individual gambling histories, customer account numbers, date of birth, email accounts and phone numbers.

 

Many customers have now been contacted by police in order to reassure them of the security of their personal details, especially relating to the safety of their credit card details, passwords and other financial information.

 

A mysterious Australian gentleman is purportedly said to have offered the information for sale, claiming to be a computer software security expert who had previously worked for Ladbrokes in the UK.

 

During negotiation deals via telephone and email, the mystery man, who chose only to call himself ‘Daniel’, During protracted negotiations via email and in one phone call, the man, who gave his name only as 'Daniel', declared that he worked for a Melbourne based company in Australia.  

 

The Australian company, known as DSS Enterprises, is run by Dinitha Subasinghe, who is an IT expert originating from Sri Lanka.

 

The owner, Mr Subasinghe, has categorically denied having any involvement in data theft of any kind. His main business ventures are website design and also a wedding planner business that he runs alongside his British girlfriend, Charlene King.

 

Mr Subasinghe has been described by Australia’s Companies House as a Sole Trader. Some of his more recent work has been creating and designing websites for estate agents in the Melbourne area, however, he also lists Ladbrokes and the British Ministry of Defence as amongst his clientele.

 

 

He has previously said that: 'I have no access to any Ladbrokes database or any other information. I provided analytical services to them for 18 months during 2007 and 2008.'

 

 

Mr Subasinghe has said that he visited the UK for a holiday in November and that he has maintained ties with a few of the staff at Ladbrokes, but on a social basis rather than a works basis, he says: 'Unless my name, my signature, my fingerprint is on anything, it has nothing to do with me. I had a call from a senior person at Ladbrokes this morning. I did not take the call. I don't know what they are ringing me about.'

 

‘Daniel’s’ most recent email stated that he would now be ending the negotiations he had started with the Mail on Sunday, and advised them not to contact the authorities.

 

However, the Mail on Sunday has passed on as much information as they are able to about ‘Daniel’. The ICO Deputy Commissioner, David Smith, said:

 

“The ICO takes breaches of individuals' privacy very seriously. Any organisation which processes personal information must ensure that adequate safeguards are in place to keep that information secure. We are grateful to The Mail on Sunday for bringing this security breach to our attention and will be contacting Ladbrokes to establish how it occurred and to find out what steps it will be taking to ensure that such a breach cannot happen again. We are particularly concerned that up to 4.5 million customer records containing personal information are allegedly for sale. Stealing personal data and selling it is a criminal offence. We will investigate whether an offence has been committed.”

 

He continued: “We are determined to stamp out the unlawful trade in personal information and have recently urged the Government to introduce a custodial sentence for people convicted of buying and selling personal details.”

 

‘Daniel’ first approached the Mail on Sunday early in January 2010, using the email address 'theinsidescoopuk'. Claiming to work as a security consultant in IT for Ladbrokes in 2007, he said that he had received the databases from a ‘relatively junior’ employee, who offered to sell it to him.

 

‘Daniel’ said that the original aim of the ‘scam’ was so that he could make Ladbrokes aware of their security issues, but then decided that the best option would be to play the game out within the media- insuring that the issue would be dealt with openly and that customers would be aware of the risks to their personal data.

 

The head of PR at Ladbrokes, Ciaran O’Brien, has said that: 'We have been informed that a person connected to our organisation has offered certain details from a customer database to The Mail on Sunday. This is a criminal act and we are working with the police, the ICO and the newspaper to identify and apprehend the culprit. We are in the process of contacting customers to apologise for this breach in security and to reassure them that everything is being done to protect their personal information.

'Importantly, we do not believe that customer accounts or banking data can be accessed.”

 

If you have ever created an online account with Ladbrokes, then we recommend contacting them to ensure the security of your personal data.