- Draftkings Accounts were compromised via ID of Legitimation or Brute-Force attacks on September 2, 2025
- Exposed data includes names, E emails, phone numbers, debit card digits and account information
- Customers are encouraged to reset passwords, activate 2FA and monitor credit reports for fraud
Gambling Company Draftkings has warned some of its users that their accounts were hacked and some of the sensitive data stored there that was accessed.
In a review of data violation sent on the official site of the Commonwealth of Massachusetts, Draftkings explained that its systems were not violated and that this was either a credentials or brute-force attack that happened on September 2, 2025.
“By stealing login credentials from a non-draft source and using them in this attack, however, the bad actor may have been temporarily able to log in to certain Draftking’s accounts,” the letter reads. “It is important that our study has so far not observed any evidence that your login information was obtained from Draftkings, or that Draftkings’ computer systems or networks were broken as part of this incident.”
Nothing “sensitive” was stolen?
The company did not say how many people were affected by the attack or who attacked them. It said the exposed data includes people’s names, birth dates, phone numbers, e -mail addresses, the last four digits of their debit card, profile pictures, information on prior transactions, account balance and the date of the last password change.
This is a lot of information and can be used in any kind of malicious ways. Attackers can use it in financial fraud, identity theft, account takeover, targeted phishing, SIM -swap attacks, social engineering and ultimately -extortion.
Draftkings emphasized that “sensitive” customer information such as state-issued ID numbers, full financial account numbers or “other information that would allow the bad actor to commit identity theft or access our clients’ bank accounts” did not access.
It now encourages customers to reset their login credentials, create two-factor approval and implement additional protective measures. It also asked them to review their account and credit reports and consider placing security freezer and fraud alerts.
Via Bleeping computer
Follow Techradar on Google News and Add us as a preferred source To get our expert news, reviews and meaning in your feeds. Be sure to click the Follow button!
And of course you can too Follow Techradar at Tiktok For news, reviews, unboxings in video form and get regular updates from us at WhatsApp also.
