CasinoCityTimes.com


Sports Book Says Competing Site Hacked It, Used Customers' Credit Card Numbers

24 November 2000

Olympic Sports, an online and telephone sports book in Jamaica, was hacked between Nov. 10 and Nov. 13. The hacker got access to credit card numbers of many of the people who had bet at Olympic during the last six months.

Spiro Athanas, who manages Olympic, said the hacker succeeded through a combination of a security flaw in the Microsoft Internet Information Server and the stupidity of a vendor who sold a database server to Olympic.

Incredibly, the vendor gave all his customers the same password, Athanas said. He said someone at another sports betting site, Kings Bet, hacked Olympic and was able to access the customer information because Kings Bet has the same software and thus had the same password.

Athanas said his computer expert detected the hacker, but didn't realize that the credit card database had been penetrated until some customers complained about unauthorized charges from NetPro, a credit card processing company in the Dominican Republic. NetPro has since reversed all the unauthorized charges, he said.

"There was nothing I could do," Athanas said. "It was out of my control. I still feel I let everybody down, but I could never foresee something like this." Both problems - the Microsoft flaw and the common password - have been fixed, he said.

Wednesday, Olympic released a "Security Alert" to explain what happened. (The release is reprinted below.) Although the release advises customers who got unauthorized charges from NetPro to cancel their credit cards, Athanas told RGT Online today that ALL Olympic customers who had bet with a credit card during the last six months should cancel the card.

"Nothing's going to happen now," he said. "But who knows, six months or a year from now, if they sold the list somewhere, and somebody else starts processing (the card numbers)?"

"People told me they got their money back" from the NetPro charges, Athanas said. "But that doesn't solve the problem. Even though these guys at Kings Bet, who are tremendous crooks, guaranteed me that nothing further was going to happen, they could have made a million copies. They could be all over the world. Everybody's got to cancel their credit cards now."

When the hacker was traced to Kings Bet, Athanas said, he called the company and spoke to Howard. He said Howard told him an employee had confessed to the scam, using Kings Bet's equipment, and that the company didn't know he was doing it.

"Which is bullshit," Athanas told RGT Online. "They're the ones behind it. . . . Kingsbet.com are the perpetrators."

Howard is presumably Howard Marcalle, who is listed with Network Solutions as the administrative contact for Kingsbet.com. Although the address of the registrant is given as Costa Rica, Athanas said Kingsbet.com has moved to the Dominican Republic.

RGT Online tried to reach Howard this afternoon, but a person answering the phone at Kings Bet said Howard would not talk to us and no one else would discuss the Olympic hacking.

To find the culprit, Athanas said his company first learned from NetPro that the bogus charges had been placed by a site called winnersbook.com. When that domain name was checked with Network Solutions, Athanas said, his computer expert found that the IP address was the same as the hacker's IP address.

When they looked at winnersbook.com, Athanas said, they realized that the site used the same software as Olympic. Then they called their software vendor, who told them he had also sold the software to Kings Bet.

The IP addresses for kingsbet.com are the same as those for winnersbook.com. The administrative contact for winnersbook.com is listed as Richard Moskovitz. He could not be reached by RGT Online.

Athanas declined to identify Olympic's software vendor. He said it's great software, and the vendor has belatedly assigned each customer a unique password.

Olympic, at www.thegreek.com, has been in business since 1996.

The following is the complete text of Wednesday's announcement by Olympic. It does not directly refer to Kings Bet by name, but says the hacker was located at servers owned by "Crown Internet." That apparently is a typo; the Kings Bet site says it is "a subdivision of Crown Intertel."

Security Breach

November 22, 2000

Olympic Sports Security Alert

For Immediate Release - 11:30 EST

We at Olympic Sports regret to say that we have experienced a security breach on our systems. The attack occurred between the days of November 10, 2000 and November 13, 2000. Using a combination of a Microsoft IIS 4.0 security flaw and inside password information, the hacker was able to access our server and retrieve personal information such as credit card numbers and customer information.

Olympic Sports has taken immediate proactive action from the moment of detection. We immediately gathered the necessary information to identify the hacker, as well as copies of all logged activity performed against our servers. This information was used to determine exactly HOW the hacker compromised our web servers as well as what insider information he had used to access our database servers. A recent security bulletin posted by Microsoft announced the security vulnerability used on IIS 4.0 servers and the patch was applied to our servers to prevent any further violation.

Using our logged information, our software provider has determined the identity of the hacker to be located at servers owned by Crown Internet; a Sportsbook operating in the Dominican Republic (recently moved from Costa Rica, who just happens to use the same software). Employees of this book set up a website at http://www.winnersbook.com and used this server to launch their attacks against our system. The software provider is completing a patch to prevent insider password information from ever being used again by another book operating the same software.

A few of our customers have reported that their credit cards have been charged without authorization from a processing company called "NetPro". We have worked with these customers to find out what merchant is charging these transactions, and have found that they are coming from winnersbook.com. Therefore, our recommendation for our customers who have processed credit cards with us in the past six months is this:

· Call the company that issued your credit card on file with us immediately and see if you have any unauthorized charges from NETPRO.

· If you DO have charges from NETPRO, we advise canceling the card immediately.

· NETPRO has ALREADY been made aware of the situation and has issued CREDITS against ALL accounts that were charged from winnersbook.com

It is important to note that the Microsoft bug allowed access to our server, however it was INSIDE password information that allowed access to our customer database. Therefore, this hacking job was premeditated and executed by someone using inside information only known to approximately a dozen people that use the same software. It was this hacker's intent to defraud our customers as well as our reputation. We are fully committed to working with the credit card authorities to take action against the hacker(s) and bring justice about quickly. Olympic Sports appreciates your business and it saddens us that we have been a victim of malicious intent. We apologize for the inconvenience some of you may face and want to wholeheartedly work with you to remedy this situation as soon as possible. A special email has been set up to field questions or concerns about the security breach.

Email security@thegreek.com

Please do not hesitate to contact us. Phone: 1-800-274-7384 Ask for Spiro

Sincerely, Olympic Sports www.thegreek.com
