DraftKings stock tumbles as sportsbook reels from customer accounts breach

DraftKings stock has dropped by almost 9% in trading after an alleged cyberattack saw almost $300,000 in customer funds taken from accounts by hackers.

Several users of the sportsbook and igaming operator reported anomalous activity on their accounts, which included the usage of stored credit card information on the DraftKings site to make deposits. Unconfirmed reports suggest these were then withdrawn by the hackers using banking platform Venmo.

In other instances, as reported on social media, hackers changed phone numbers associated with accounts, making it difficult for users to change their passwords or temporarily lock their accounts, leaving many with no option but to take to Twitter to voice their concerns.

My account was hacked last night and I have received ZERO support from @DK_Assist @DraftKings. They are not responding to voicemails or emails.

— Take a drink Mizzou fans! (@JonStrini) November 21, 2022

DraftKings does not operate a telephone-supported customer services line, with users instead directed to send messages electronically for support. However, many users reported little or no response from DraftKings.

In addition, several user accounts were placed under temporary restrictions, with a provision for these restrictions to be lifted only after scanned ID was provided, which led to concerns from affected users that these requests were coming from hackers rather than DraftKings itself.

I got this same email but didn’t send the pic because that seemed really odd. However, this is literally the response I got from their support. They are working with hackers or have been taken over by hackers. Either way, WTF pic.twitter.com/XKKdTm9WJE

— Justin Go Buffalo (@JustinGoBuffalo) November 21, 2022

In one instance, hackers tried to withdraw as much as $19,000 from one user account.

Unconfirmed reports suggest the type of attack is known as a “credential stuffing attack”, where hackers purchase lists of names, emails and passwords on the dark web, which in some cases come from breaches of other sites.

At this point in the hacking process, a programme is set up to automatically log in to other sites using that information, made easier by individuals using the same email and password combination on multiple sites.

Speculation on Twitter suggests that as many as 100,000 DraftKings accounts could have been affected by the hack.

Responding to a barrage of customer services messages and comments on social media, DraftKings co-founder and president of global technology and product Paul Liberman acknowledged that some customers were experiencing “irregular activity” with their accounts, but downplayed any talk of breaches of DraftKings’ own systems.

“We currently believe that the login information of these customers was compromised on other websites and then used to access their DraftKings accounts where they used the same login information,” Liberman said in a statement.

“We have seen no evidence that DraftKings’ systems were breached to obtain this information.

“We have identified less than $300,000 of customer funds that were affected, and we intend to make whole any customer that was impacted.

“We strongly encourage customers to use unique passwords for DraftKings and all other sites, and we strongly recommend that customers do not share their passwords with anyone, including third-party sites for the purposes of tracking betting information on DraftKings and other betting apps,” Liberman added.

Many users of the DraftKings app have set up twin factor identifications (2FA), a process which requires users to verify their details through two separate sources before accounts can be accessed.

Elsewhere, reports on ESPN have suggested a similar cybersecurity breach at BetMGM involving the creation of fraudulent accounts using the information of professional poker players by hackers aiming to withdraw funds from unsuspecting account holders.

These attempted breaches, which have taken place throughout both October and November, utilise data to set up duplicate accounts that are then matched to BetMGM’s payment provider, Global Payments Gaming Solutions, allowing hackers to once again use the Venmo system to drain funds from accounts.

In a statement provided to ESPN, BetMGM said it was aware of a potential incident and was “actively investigating” the potential breach.

“The security of our patrons’ accounts is of the utmost importance to us. We encourage any impacted patrons to contact our customer service department directly,” BetMGM said.

Global Payments Gaming Solutions has also confirmed its assistance with a law enforcement investigation into the matter.