date 22 September 2022 update Upd: 14 March 2024 reading time 10 min views 1216 views

Being one of the most vulnerable to different cybercrimes, the iGaming market along with its growing volume starts facing more threats. Various cyberattacks against online gambling happen because of interlinked systems of transactions, others due to a lack of security measures undertaken.

Several most common cybercrime types often occur in online casinos, regardless of size. Let’s overview them along with the high-profile cybercrime cases in iGaming and EvenBet Gaming experts’ comments.

Cybercrime Types in iGaming

Cybercrimes in the iGaming industry normally occur in one of four ways:

  • Data Breach. A criminal gang hijacks personal accounts and gets access to a large amount of data in them. According to the Identity Theft Resource Center’s (ITRC) data breach research, there were 1,291 data breaches between September 2020 and September 2021, representing an 8% increase.
  • DDoS or ransomware. DDoS (Distributed Denial of Service) is a type of cybercrime when hackers disrupt the game of an online gaming platform. Hackers often find a way to get access to private information from online casinos and hold them for ransom, frequently a large sum of money. Paying the ransom returns the data and smooth gameplay. 
  • Account takeovers. Many online iGaming platform users can be vulnerable to having their accounts hacked and manipulated. Hackers come up with a way to control a specific user’s account and make withdrawals or bets on behalf of the actual user. 
  • Money laundering. Сybercrimes often occur by technical means, but also sometimes directly through the users of the platform. E.g. many criminals who aim at laundering their funds will try to use online casinos as a washer. It can result in casinos being at risk of penalties because of security standards set by authorities. One more typical case of money laundering is when criminals make a deposit from a stolen credit card and then withdraw money in another way: crypto or e-wallet.

All types of cybercrime are rather damaging to the iGaming operator as they may cause:

  • Loss of credibility of a gaming provider as a high-risk cybercrime app;
  • Direct business losses;
  • Loss of users in the long-term perspective;
  • E.g. paying the ransom to the ransomware criminals technically can be considered as support of the crime, and more.

High-Profile iGaming Cybercrime Cases 

Let’s have an overview of the leading cybercrime cases in the industry and EvenBet Gaming experts’ remarks.

DDoS attack on William Hill

William Hill was a victim of a third-party criminal data hack. Shortly after, the company released a public statement with an apology for the system’s crash as a result of a series of DDoS attacks.

This episode harmed the business as it blocked users from placing bets for some 2015/2016 UEFA Champions League football actions.

Considering the company’s H1 revenue of £814 million, the 24-hour interruption of service could have cost the publicly held company approximately £4.4 million. However, the actual figure is possibly less as the outage influenced only online services and did not occur during any remarkable sports events. William Hill fixed its services shortly, but the harmful effect on the company’s funds and reputation was enduring.

Vladislav Myagkov, Head of Anti-Fraud Department:

On the surface DDoS attacks don’t look as bad as other types of cybersecurity threats: users temporarily cannot access the system and the services it provides, but their accounts and data are safe. It appears William Hill got off lightly: 24 hours of downtime and less than a daily revenue lost.

Now imagine that happens every day.

In the world of poker DDoS attacks lead to an even bigger problem: users losing access to the gambling software right in the middle of the game session. That is bad enough for cash games and even worse for tournaments. If someone manages to stay online despite lags and service crashes he can get an edge on other players. This is not only damage to the gaming operator’s image, but also an additional expenditure because the users are going to demand refunds.

Gambling software owners need to have countermeasures against DDoS attacks and they always need to know how many users their current hardware setup can handle, but that alone is not enough. Take another look at the case of William Hill: they had a partnership with Darktrace cybersecurity and that didn’t prevent them from being successfully attacked. DDoS attacks on major poker rooms happen all the time, especially during big events when the user traffic is much higher than usual. What is important is how these rooms handle the attacks, what they do during the attack itself, and how they mitigate the aftermath. They need a solid policy they are going to adhere to during a DDoS attack: do they immediately shut the system down and cancel all the current events, or will they try to keep it alive even with some performance degradation; what are they going to do with user complaints, refund requests, etc.? 

MGM Resorts International customer data hackers’ attack

One of the top casino operators, MGM Resort International, was a victim of a mass cyber security breach that resulted in the loss of personal data of millions of users. The leak of names, email addresses, phone numbers, birthdates, and more, referred to those customers who had stayed at places owned by the Las Vegas firm. However, it was publicly reported that there was no loss of credit and debit card details information.

MGM Resorts International detected the breach early enough before it got down to considerable damage. The casino operator informed affected customers about stealing their personal data and contacted cyber-security forensic companies to help address the case.

As the casino operator detailed after the investigation that the breach in the system had an outcome in a limited amount of information lost by unauthorized access to the system’s server. According to, in May 2022, an 8GB database with the personal data stolen in 2019 of around 30 million MGM Resorts guests was publicly distributed on the social messaging channel Telegram. 

Aleksey Pogireichik, Anti-Fraud Support Manager:

Access to personal data is not only unpleasant, but it also involves real risks, and threats to lose money, property, or be drawn into various kinds of negative stories.

The official position “that there is nothing wrong in the loss of personal data, there is no information about bank cards and passport data” is questionable. The image of MGM Resorts International for a certain part of clients is lost. This is a large chain of hotels and casinos, they are visited by the quiet public and wealthy people. Now any attacker can use their details to scam and launch phishing email campaigns. Since the stolen data is already 3 years old, victims may not expect to be hacked, making them even more vulnerable to attacks.

If information about the facts of fraud or extortion using stolen personal data emerges, the situation around MGM Resorts International will probably only worsen. The recent fact that 30 million MGM Resorts guests were publicly distributed on the social messaging channel Telegram, proves how a data breach can cause long-term consequences.

Federal Group ransomware attack

One of the casino operators in Tasmania validated being a victim of a cyberattack that made its Electronic gambling machines (EGMs), or pokies machines malfunction. According to Daniel Hanna, the Federal Group Executive Director, the breach had been enabled by some form of ransomware. The ransomware attack became an issue when the staff members started getting emails demanding a cryptocurrency payment. 

Pokies giant Federal Group rejected to pay a cyber criminal’s ransom but it still cost the company millions of dollars. In its annual financial statement for the 2020/21 financial year submitted by the Australian Securities and Investment Commission, Federal Group said the company was subject to “a major cyber-attack which resulted in the encryption of a number of systems”.

It resulted in shutting down the casino and hotel booking system for several weeks. Daniel Hanna pointed out that the company decided not to contact the committer of the cybercrime so they are not aware of the amount of ransom requested. “Federal Group has not quantified the cost of the cyber-attack (which included external specialists, internal resources, and foregone revenues) but estimates it would be several million,” he said.

Ekaterina Giganova, Head of PR and Events:

There are a lot of unknowns in this story, but I can state that from the brand image point of view, the decision not to pay the ransom is justified. It has led to a loss, but in public opinion, it is always better to be a decent loser than a part of a criminal scheme. If the victims paid, and that would have gone public (always a possibility when more than one person knows something), dealing secretly with criminals would have had much more grave consequences for the company’s reputation. Many would ask: what else are they hiding or doing in the shadow?

However, the lack of proper cyberattack investigation and the company shutdown should not be taken lightly. For some customers, it could signify technical insecurity, improper management, and inability to deal with complex problems. Whatever causes the shutdown or any other business interruption, in the end, everyone should be clear that the problem is never going to repeat. And that is not the case here.


In the modern world, it is extremely important to keep an eye on security issues, regardless of the business vertical. For an iGaming operator, it’s pivotal to choose reliable technical solutions from trustworthy suppliers. EvenBet Gaming is a supplier that pays great attention to security and is ISO 27001 certified, which means high standards for secure processes and software verification by independent laboratories for vulnerabilities.

Feel free to contact us to get consulting services and choose the best possible solution for your iGaming business.

Victoria Sopko

Article by Victoria

Victoria Sopko

Head of PR at EvenBet Gaming