Flutter Entertainment has launched an internal investigation following a data breach involving customer information from its Paddy Power and Betfair platforms.
Affected users were notified via email, and Flutter stated that the issue has since been contained.
According to iGB sources, a substantial portion of Flutter’s UK customer base was impacted. The compromised data included usernames, email addresses, partial home addresses, details of recent account activity, and technical information such as device IDs and IP addresses. Flutter, which reports having 4.2 million average monthly players in the UK and Ireland, clarified that no passwords, identity documents, or payment card information were accessed.
While Flutter was not legally required to inform customers due to the relatively limited nature of the breach, the company chose to do so voluntarily. It also reported the incident to the UK Gambling Commission and the Information Commissioner’s Office.
Data breaches have become a recurring issue in the gambling industry. Earlier this year, German operator Merkur suffered a significant breach across several sites, where more sensitive data, including banking information, was exposed. The incident, discovered by an ethical hacker, prompted the German regulator to mandate stronger cybersecurity measures.
In a separate incident in June, the British Horseracing Authority experienced a cyberattack that temporarily shut down its London office.
