The Bitcoin-denominated online casino Coinroll has confirmed independent reports from security specialist MacKeeper last month that information from over 4,500 of its player accounts has been found on an internet database not associated with the company.
The accounts info was linked to over 9,500 bitcoin wallets, the publication Softpedia reported.
According to Softpedia, MacKeeper staffer Chris Vickery discovered the breach and noted that despite having a strong password protective algorithm, there were security deficiencies in the system which included the lack of an admin password.
Following reports from some players that their bitcoin wallets had been illegally raided, Coinroll ‘fessed up in a website advisory last week, warning players who opened accounts prior to April 7 that their account data may have been compromised and suggesting they change their passwords.
There had only been “a few claims” of illegal withdrawals, the Coinroll advisory alleged, adding that it has suspended operations whilst it conducts a thorough investigation, and that remedial security measures have already been implemented
Early indications are that the breach resulted from an update to the casino’s Ubuntu operating system which had unintentionally also altered settings in the firewall config tool.
Coinroll is reportedly mulling a switch to another operating system as a consequence.