1win data leak: Almost 100 million user data records at Have-I-Been-Pwned
The Have-I-Been-Pwned project has obtained data from almost 100 million 1win users. They originate from a data leak in November.
(Image: Bild erstellt mit KI in Bing Designer durch heise online / dmk)
In November, the online betting platform 1win suffered an IT incident in which the data of around 96 million users was copied by attackers. This data has now surfaced in the digital underground. Troy Hunt obtained them and was able to add them to the database of his Have-I-Been-Pwned Project (HIBP).
A short entry on the HIBP website discusses the data leak at the betting provider. According to this, the data set includes email addresses, IP addresses, telephone numbers, geographical location, country, dates of birth and passwords hashed with SHA-256. 1win is also available in German, but it is not known how many users from the DACH region are specifically affected.
Treasure trove for phishers
Fraudsters can use this data to launch more targeted and credible phishing attacks against potential victims. Anyone who used the 1win betting platform before November 2024 should therefore exercise particular caution when receiving emails relating to online betting.
Videos by heise
Interested parties can find out whether their data has been exposed in this or other data leaks by entering their email address on the main page of Have I Been Pwned. If you register your e-mail address there, you can also be informed if your address appears in data dumps from infostealers. This is malware that collects data on victims' computers and sends it to the perpetrators' servers, usually complete access data consisting of usernames and passwords. As this information can violate privacy, it is not possible to find out what has been found by simply entering the e-mail address.
The Hasso Plattner Institute operates a similar service, the Identity Leak Checker. However, the site is temporarily unavailable at the time of reporting. Another comparable service is the Leak Checker of the University of Bonn, which sends findings in the database to the specified address after the email address has been entered.
Around two weeks ago, data from a data theft at hardware manufacturer MSI ended up in the HIBP project. This affected around 250,000 MSI customers who had previously claimed under guarantee or warranty.
(dmk)
