Results 1 to 6 of 6
  1. #1
    PROFRBcom's Avatar
    PROFRBcom is offline Private Member
    Join Date
    April 2013
    Posts
    2,147
    Thanks
    1,481
    Thanked 1,230 Times in 798 Posts

    Default Customer Bank Statements and KYC Data Leaked by Global Poker

    Some of you may have heard of Global Poker. It is a company pushing hard in the USA right now and offering PayPal deposits and payments to players. They even had a talk at the London Affiliate Conference. They bill themselves as a play money sweepstakes company who also just happens to provide real money gaming in disguise, somehow "legally".

    In any case, this company, Global Poker, has had a number of issues lately. The most recent one however involves leaking customer data on the Internet via ZenDesk. They did not password protect the account information, and as such, customer KYC data was openly accessible online. In fact, it was discovered by a poster on 2+2:

    Name:  global-poker-document-security-original-post-twoplustwo.jpg
Views: 429
Size:  20.4 KB


    Come to find out, that this information has been exposed for quite some time. Over a year in fact! The flaw has been fixed now but damage has certainly been done to their brand.

    Name:  7gSXHHq.jpg
Views: 291
Size:  18.7 KB


    Online sweepstakes poker site Global Poker has just fixed a security vulnerability whereby customers' personally identifying documents were accessible on the web. Each document was located at a separate URL, and anyone who had the correct address could view it in any web browser.


    The files in question were hosted through Global Poker's ZenDesk support platform. ZenDesk is a vendor of popular software applications that provide interfaces for customer support ticketing, knowledge base searching, and secure document storage among other features.

    Full write up on the scandal can be found here: https://professionalrakeback.com/cus...t-global-poker

  2. The Following 3 Users Say Thank You to PROFRBcom For This Useful Post:

    ocreditor (28 June 2018), Sherlock (24 June 2018), yeahfree (24 June 2018)

  3. #2
    Triple7 is offline Private Member
    Join Date
    January 2015
    Posts
    2,877
    Thanks
    2,065
    Thanked 2,466 Times in 1,337 Posts

    Default

    It's a known Zendesk issue, but they don't seem to care.

    GDPR causes a lot of work for us all, but data is still leaked massively.

  4. #3
    PROFRBcom's Avatar
    PROFRBcom is offline Private Member
    Join Date
    April 2013
    Posts
    2,147
    Thanks
    1,481
    Thanked 1,230 Times in 798 Posts

    Default

    Quote Originally Posted by Triple7 View Post
    It's a know Zendesk issue, but they don't seem to care.

    GDPR causes a lot of work for us all, but data is still leaked massively.

    It's actually incompetence on the part of Global Poker. They only needed to click one tick-box and they could have limited all the data to only being accessible by players when logged in, as opposed to completely open and not protected by at least a password!

  5. #4
    sweetbet's Avatar
    sweetbet is offline Public Member
    Join Date
    November 2012
    Posts
    2,823
    Blog Entries
    5
    Thanks
    898
    Thanked 1,573 Times in 1,086 Posts

    Default

    Quote Originally Posted by PROFRBcom View Post
    Come to find out, that this information has been exposed for quite some time. Over a year in fact! The flaw has been fixed now but damage has certainly been done to their brand.
    That's crazy. I hope no one's bank account was hacked due to this company's incompetence.

  6. The Following User Says Thank You to sweetbet For This Useful Post:

    PROFRBcom (24 June 2018)

  7. #5
    Vargoso's Avatar
    Vargoso is offline Spanish Forum Moderator
    Join Date
    February 2018
    Location
    Colombia
    Posts
    223
    Thanks
    40
    Thanked 91 Times in 59 Posts

    Default

    Shady from GlobalPoker, not to mention the recent change from Paypal to another payment system without noticing the players.

    Also, the Global answer in the 2+2 forum was something like if some document was actually leaked was because of user fault...come on!
    Rakeback and professional services for poker players - https://worldpokerdeals.com

  8. #6
    Triple7 is offline Private Member
    Join Date
    January 2015
    Posts
    2,877
    Thanks
    2,065
    Thanked 2,466 Times in 1,337 Posts

    Default

    Quote Originally Posted by PROFRBcom View Post
    It's actually incompetence on the part of Global Poker. They only needed to click one tick-box and they could have limited all the data to only being accessible by players when logged in, as opposed to completely open and not protected by at least a password!
    But why there's that option? I saw exactly the same thing before at a licensed Belgian casino. Player uploaded KYC stuff, sent me the link and I could access all his documents easily.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •