American online gaming company DraftKings revealed that they've been hacked, with multiple customers having their accounts compromised and more than $300,000 in funds that were stolen.
The hackers accessed accounts using compromised information from other accounts, and were able to change phone numbers to deactivate two-factor authentication. The company says that DraftKings didn't have its own servers compromised, but that information was used from stolen accounts elsewhere. DraftKings did indicate that they intend on making the customers affected whole by replenishing the stolen funds. In most cases, hundreds of dollars were withdrawn from bank accounts tied to the app.
In a statement, DraftKings Co-Founder Paul Liberman said, "DraftKings is aware that some customers are experiencing irregular activity with their accounts. We currently believe that the login information of these customers was compromised on other sites and then used to access their DraftKings accounts, where they used the same login information."
"We see no evidence that DraftKings' systems were breached to obtain this information.
"We have identified less than $300,000 of customer funds that were affected, and we intend to make whole any customer that was impacted.
"We strongly encourage customers to use unique passwords for DraftKings and all other sites, and we strongly recommend that customers do not share their passwords with anyone, including third party sites for the purpose of tracking betting information on DraftKings and other betting apps."