Welcome to Live View – Take the tour to learn more
Start Tour
There is currently 1 person viewing this thread.
anyone else had the email timed at 3.59 today
Show More
Apparently so...
Paddy Power and Betfair recently detected that an unauthorised third party had gained access to limited betting account information related to some of our customers.
We want to be transparent and have therefore taken the step of informing impacted customers and making them aware of the measures we have taken.
Paddy Power and Betfair recently detected that an unauthorised third party had gained access to limited betting account information related to some of our customers.
We want to be transparent and have therefore taken the step of informing impacted customers and making them aware of the measures we have taken.
its the second time , if its happened again...paddy power had this issue years ago....it came up one of my vpn which does a search on your email address'....It was many years ago though
Never got the email but someone deff accessing my account.
I've backed the last 6 winners
I've backed the last 6 winners
Excellent Mr Myxiplyx.
What Dickens book were you in btw?
What Dickens book were you in btw?
Offered me 5k compensation but heard could be a class action for more
Why have I had to wait until the last 30 mins to receive my Email?
Is it possible to have username changed? I would wish to do that in light of this development.
don't know that. wouldn't try myself might make 'em wonder who the crook is.
I previously asked for that when there were fraudulent attempts to access account but they claimed they can't do that..(I'm sure they could)..if you do notice attempts on your account it's worth changing the associated email with the account to one you know to be breach free as often the attempts are email related not username.
* the benefit being you know whether the attempted accessor has your username or just an email address ..though the best thing is to use the two step authentication.
Have had 2 Step Authentication active for over a decade.
Not happy about this breach though, identity theft is a real thing and crooks are becoming cleverer and cleverer
Not happy about this breach though, identity theft is a real thing and crooks are becoming cleverer and cleverer
indeed, the very limited disclosure about it is poor as well..
I want some more meat on the bones with this, was this a targeted hack similar to what M&S et al experienced?
Received one from Paddy and one from Betty half an hour ago...main worry is they seem to have the first line of addresses and postcode(last line of address)...
Ive already started to receive some very unsavoury e-mails into my spam folder in the last couple of days.
And they wonder why we don't want to send them our wage slips and bank statements
just got it today, so it looks like everyone's dets have been taken imo, and they are just working thru the emails. - anyone got a spam email from "VIP club" saying "successful deposit"?
...they seem to have the first line of addresses and postcode(last line of address). " Probably best not to boast about how many nelsons you've won on the forum
including your name and the first line of your address and city
also
they say it doesn't include any usable card or payment details. wtf does that mean? If the name of the bank was revealed, it isn't "useable", but with the other details, it is a pretty good start at enabling a bank account hack.
also
they say it doesn't include any usable card or payment details. wtf does that mean? If the name of the bank was revealed, it isn't "useable", but with the other details, it is a pretty good start at enabling a bank account hack.
dave I'm no expert but everytime I spend money I get a code sent to my mobile. That's pretty good protection isn't it ?
A One Time Passcode. They are probably a decent step towards protection but they’re a pain in the arris when you’re spending a small amount and have to wait for a code.
I’ve not had an email.
I’ve not had an email.
I'm talking about perps phoning up the bank using the details and trying to get access to the account. They might even have had the last transactions from the betfair account. There also might be an effort to hack email accounts.
I use a different email for banking, finance but anyone who doesn't should really think about setting up one.
This is very high value info and when combined with other hacks could build up a nice little file for fraud id theft hacks etc.
I use a different email for banking, finance but anyone who doesn't should really think about setting up one.
This is very high value info and when combined with other hacks could build up a nice little file for fraud id theft hacks etc.
Duffy makes a good point about how secure anyones bank details etc are if you were daft enough to give them up.
yes, if one of the biggest co's can't keep data secure, there is no chance that some of the scum that ukgc licence will be able to.
Your Data flows everywhere, and every bit is for sale. Class action for failure IMO.
The silver lining to this, if there is one, is that it surely must be harder now for them to chase people for A/C check stuff, they are just going to be hit repeatedly over the head with this fiasco as proof that they aren't equipped to be trusted with such info.
"I'm talking about perps phoning up the bank..." Aren't they suspicious when they are phoning on a number they don't have on your account ?
My Oap neighbours just got a new kitchen. Stupefied by the fact that their appliances, or at least some of them, have to be linked up to WiFi. 
Not quite the same subject but nonetheless symbolic of our techno-advanced time. No going back that’s for sure.
Not quite the same subject but nonetheless symbolic of our techno-advanced time. No going back that’s for sure.
howard • July 10, 2025 4:42 PM BST
"I'm talking about perps phoning up the bank..." Aren't they suspicious when they are phoning on a number they don't have on your account ?
I'm pretty sure that's about 89th on the list of checks that callcentres do.
The guys that do this kind of thing are experts. They look for a call handler who dgaf and use the info they have.
As I said it's high value info. If they sell the usernames, accounts are going to be locked all over the place when they try passwords from other hacks, they think are linked.
"I'm talking about perps phoning up the bank..." Aren't they suspicious when they are phoning on a number they don't have on your account ?
I'm pretty sure that's about 89th on the list of checks that callcentres do.
The guys that do this kind of thing are experts. They look for a call handler who dgaf and use the info they have.
As I said it's high value info. If they sell the usernames, accounts are going to be locked all over the place when they try passwords from other hacks, they think are linked.
Had one today , this does not include password ID and card payments.
it says this does not include passwords, ID documents or any usable card or payment details
It does include betfair username and what "any usable card or payment details" means is anyone's guess.
It does include betfair username and what "any usable card or payment details" means is anyone's guess.
To me it means old expired cards....a bit too close for comfort....sounds like a sh1t show and they are trying to play it down and currently have everything crossed.
Unless I've missed the obvious they haven't even publicly acknowledged it ?
the news reports I read didn't suggest Flutter had provided the information ? they suggested some customers had received emails to that effect, that is poor in itself...basically if you don't read the forum (many don't) or a handful of news articles there would be no awareness even.
the news reports I read didn't suggest Flutter had provided the information ? they suggested some customers had received emails to that effect, that is poor in itself...basically if you don't read the forum (many don't) or a handful of news articles there would be no awareness even.
Should surely be an email sent to all customers in circs like this though (affected or otherwise) and re-iterate strong password, consider secondary authentication etc, if I didn't read the forum (I haven't received an email yet) and hadn't then looked at links provided on here and searched news sources for other ones, I still wouldn't know it had happened.
Hope they can't access different passwords from other sites because then they will try them with our usernames and get accounts blocked.
I wonder what the fine for Betfair will be. Large I would suppose.
This site is based on financial transactions.
This site is based on financial transactions.
got the same email from betfair and paddy power - name, ID, mailing address (at least some of it) and in my opinion the most scary of all is IP address, because all hacking starts from IP address!!
Always worth checking your email address here for data breaches.
https://haveibeenpwned.com/
https://haveibeenpwned.com/
Also check passwords
Pwned Passwords
Check if your password has appeared in known data breaches. If they have change them ASAP.
Pwned Passwords
Check if your password has appeared in known data breaches. If they have change them ASAP.
Here is the wiki page for everyone to read. A very good site for security.
https://en.wikipedia.org/wiki/Have_I_Been_Pwned%3F
https://en.wikipedia.org/wiki/Have_I_Been_Pwned%3F
4
Data Breaches
Oh no — pwned! This email address has been found in multiple data breaches. Review the details below to see where your data was exposed.
Data Breaches
Oh no — pwned! This email address has been found in multiple data breaches. Review the details below to see where your data was exposed.
At this point, it's safer to assume everyone's email has been leaked!
Had an email today from a MENDES headlined “That’s everything set up”! Attachments, which I did not download or open was clearly headlined “PayPal”.
I replied “ Go and do one” then deleted the email.
Had made no purchases recently and NEVER use the said PayPal anyway.
Right or wrong?
Right as far as I am concerned.
I replied “ Go and do one” then deleted the email.
Had made no purchases recently and NEVER use the said PayPal anyway.
Right or wrong?
Right as far as I am concerned.
was it from Shawn? Never knew why he didn't stick with Camila Cabello, maybe something about that honcho?
No idea. It was just out of place and unconnected to me and my recent activity so I just binned it.
I misspelt it, it was MENDEZ.
I misspelt it, it was MENDEZ.
LoyalHoncho -- Had an email today from a MENDES headlined “That’s everything set up”! Attachments, which I did not download or open was clearly headlined “PayPal”.
I replied “ Go and do one” then deleted the email.
Had made no purchases recently and NEVER use the said PayPal anyway.
Right or wrong?
Right as far as I am concerned.
Half right, half wrong.
Right: deleting email
Wrong: replying to email. It's either a spoofed address or you've just confirmed the address they used for you is live.
I replied “ Go and do one” then deleted the email.
Had made no purchases recently and NEVER use the said PayPal anyway.
Right or wrong?
Right as far as I am concerned.
Half right, half wrong.
Right: deleting email
Wrong: replying to email. It's either a spoofed address or you've just confirmed the address they used for you is live.
@Gordon63 -- got the same email from betfair and paddy power - name, ID, mailing address (at least some of it) and in my opinion the most scary of all is IP address, because all hacking starts from IP address!!
Relax. Almost no hacking starts from IP address. The scary thing might be that Betfair/PP thinks it is worth recording in the first place although there might be legal requirements. It suggests they might be closing accounts through misunderstanding how the internet works.
Unless you are a business paying for a fixed IP address, your external IP address will vary depending on how your ISP feels on any particular morning and will be shared with other customers. So relax.
Relax. Almost no hacking starts from IP address. The scary thing might be that Betfair/PP thinks it is worth recording in the first place although there might be legal requirements. It suggests they might be closing accounts through misunderstanding how the internet works.
Unless you are a business paying for a fixed IP address, your external IP address will vary depending on how your ISP feels on any particular morning and will be shared with other customers. So relax.
Do not worry about IP leaking. Mine has been static here for 10 years. Hacking does not start from knowing your IP. I could write my IP here and there wouldn't be anything you could do.
NEVER click links in email or open any attachments from TXT messages/ WhatsApp etc.(even from people you know) They could have been compromised, and email address can be cloned cleverly now
Use strong LONG unique passwords FOR EVERY website/app NEVER use the same password anywhere. Consider Passkey setup.
Keep your software updated.
Set up two-factor authentication everywhere.
NEVER click links in email or open any attachments from TXT messages/ WhatsApp etc.(even from people you know) They could have been compromised, and email address can be cloned cleverly now
Use strong LONG unique passwords FOR EVERY website/app NEVER use the same password anywhere. Consider Passkey setup.
Keep your software updated.
Set up two-factor authentication everywhere.
Check here to see if the website/app supports two-factor authentication. If they don't consider leaving them.
https://2fa.directory/au/
https://2fa.directory/au/
Remember this: Most people are compromised phished via Email/Call/text message or scammed because of something they interact with. Be vigilant always.
@ramruma
(of IP address) "The scary thing might be that Betfair/PP thinks it is worth recording in the first place although there might be legal requirements."
I'd think so - if (eg) the Spanish regulator thought you'd been betting on the main Exchange rather than the Spanish one from your second home in Malaga, BF would want to be able to show you were betting from an English IP address (etc)?
(of IP address) "The scary thing might be that Betfair/PP thinks it is worth recording in the first place although there might be legal requirements."
I'd think so - if (eg) the Spanish regulator thought you'd been betting on the main Exchange rather than the Spanish one from your second home in Malaga, BF would want to be able to show you were betting from an English IP address (etc)?
Another erroneous email in today with a title about a forthcoming appointment, designed clearly to provoke concern and a look.
No deal.
I did find out that it again involved PayPal and a bitcoin transaction of which I know nothing whatsoever. Binned without opening.
Be careful.
No deal.
I did find out that it again involved PayPal and a bitcoin transaction of which I know nothing whatsoever. Binned without opening.
Be careful.
Post Your Reply
Please login to post a reply.
Wonder
Instance ID: 13539