Data Breach on Clubillion Gambling app puts millions of users to risk


A popular gaming app titled Clubillion is in news for putting millions of users to risk due to a massive data leak. According to a research carried out by vpnMentor, the sensitive data related to Clubillion Gambling app built on the Elasticsearch Engine of AWS database was leaked because of a technical glitch throwing details like names, winning track,  IP addresses, private messages in account, phone numbers and email IDs open to be accessed by hackers.

So, the security researchers of vpnMentor say that the exposed data could put all the users of the gaming app vulnerable to banking frauds and various cyber attacks such as phishing.

Technically, Clubillion is a free to play casino game dedicated to Android and iOS users where the gamers can avail free 30+ slots for free to try their luck.

It’s now revealed in the research that all the gaming related data hosted on Amazon Web Services was left exposed from the past few weeks to hackers because of a technical glitch. All the log action like when an individual player entered the game, won it, lose updated the account, created account was available to be accessed by anyone on the cloud platform.

It is estimated, that the database exposed over 200 million records daily, meaning around 50GB data was available to be accessed by hackers with no authentication.

According to sources reporting to Cybersecurity Insiders, players of Clubillion are located across the globe like in countries such as USA, UK, France, Israel, Germany, Spain, Italy, Netherlands, Australia, India, Poland, Romania, Vietnam, Lebanon, Indonesia, Philippines, Thailand, Austria, Hungry, Latvia, Canada, Brazil, Sweden and Russia.

Clubillion Data Breach could spell deep trouble to the future of the gaming app as it can lead to loss of trust among players, force EU’s data watchdog to reprimand it for breaking GDPR rules and make Google Play and Apple Store remove it from their respective platforms as it has failed to protect its user data securely.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display