Database containing sensitive information of more 257,000 gamblers has been put for sale on a popular hacking forum by an unknown user. The user records indicate that the gamblers are associated with orakulas.lt (now known as Olybet.lt) which is Lithuanian operator of online betting and gaming services. Olybet is part of Olympic Entertainment Group, which is in turn owned by private equity firm Novalpina Holding group.
The database consisted of login details including email addresses and hashed passwords of gamblers and it accounted for $100 in bitcoin. The unknown users also released second part of the database on the forum that allegedly contains 3,087 tables including a wide variety of deeply sensitive personal and service-related data of orakulas.lt users, such as: Document scans, Credit card details, Personal messages, Bank account details, Transaction data.
Olybet confirmed about the data breach and stated that the database was genuine. By investigating the screenshots of the database posted online by the threat actor, security experts found out that the table begins with email addresses containing old and obsolete email domains, many of which are no longer used by Lithuanian users. But there is a high possibility of newer user records to be present in the database.