Blacklisted online betting site BetVictor has accidentally revealed a password breach for their internal systems occurred, giving outsiders the passwords for back-office systems as well as some usernames.
The document was unveiled through Chris Hogben, a security researcher. He unveiled the list by barging in through the company's customer support search box. The document was titled 'Logins/Links to Back Offices - Internal', and the sensitive data was contained within. Even worse, 11 of the passwords were easy to identify.
The logins were tied to enough permissions that there could have been a large security breach involving customer information. The file dated back to 2015, but its unknown how long the file was on the system.
BetVictor is investigating the breach and a statement read: "We are still investigating this matter with our third-party suppliers and cannot answer any specific questions at this point in time."