Dexiga, a Nevada-based software startup behind the WinStar app, has confirmed that it has secured an unprotected database containing customer information that was accessible online.
WinStar, which is the largest land-based casino in the world, runs a mobile app called My WinStar. The app allows users to manage their hotel stay, access rewards, and view casino earnings.
According to a report in TechCrunch, Dexiga left one of its logging databases exposed online without the correct security measures. This allowed anyone with the database’s public IP address to access WinStar customers’ personal data through a web browser. After being notified of the potential breach by TechCrunch, Dexiga took the database offline to mitigate the risk.
The exposed database contained personal information, including names, contact details, and addresses. While some information was obscured, it was not encrypted.
According to its report, TechCrunch also uncovered an internal user account linked to Dexiga’s founder. However, Dexiga downplayed the severity of the incident, stating that the exposed information was publicly available and no sensitive data was compromised. Dexiga attributed the incident to a log migration process in January, although the exact date of exposure remains undisclosed.
Despite assurances from Dexiga, there has been no further information released regarding the extent of the data breach and whether affected individuals will be notified. Dexiga stated that investigations are ongoing and pledged to take appropriate measures to prevent future incidents.
As of now, WinStar has made no public announcement in relation to the security breach.
An experienced iGaming commentator and analyst based in New York City - Jenny reports on regulation and gambling industry news and events.