According to various web reports, security researcher Justine Paine discovered a data leak this week from an ElasticSearch server that involved over 108 million bets and user data from an online casino group.
Paine discovered the leak after finding the server which had been exposed online without a password. Online domains affected include kahunacasino.com, azur-casino.com, easybet.com, and viproomcasino.net.
Companies use ElasticSearch servers to improve web apps and search capabilities. The servers are usually kept secure and remain offline because they contain sensitive data about customer transactions. The server in question was located in Cyprus, according to the reports.
User data exposed included home addresses, names, email addresses, and account balances as well as 108 million records relating to wins, deposits, and withdrawals. This withdrawal data also included payment card details, published reports said.
