In November 2024, online betting platform, 1win, suffered a massive data breach, exposing the personal information of 96 million users. The leaked data included email addresses, IP addresses, phone numbers, birth dates, geographic locations, and SHA-256 hashed passwords. The hacker initially demanded a $1 million ransom, later increasing it to $15 million. After 1win refused to pay, portions of the database were leaked online. The compromised data was added to Have I Been Pwned (HIBP), increasing users’ risks of phishing and identity theft.
The compromised database have now been sorted according to countries by a threat actor, CountySorter, on BreachForum, and now accessible to other threat actors.
Affected users are advised to update their passwords, use MFA for additional security and remain cautious of suspicious activity.