Fanduel Notice of Third Party Vendor Security Incident

**Easy-Rider 66** · 01-19-23, 12:03 PM

got it.

**jjgold** · 01-19-23, 12:28 PM

Thieves are stealing everything
No idea how all this is possible

**d2bets** · 01-19-23, 12:30 PM

No. What state?

**pologq** · 01-19-23, 12:40 PM

Originally posted by d2bets

No. What state?

i am in NY. the email did not say it was a state specific issue. says they got customers names and emails.

**d2bets** · 01-19-23, 01:02 PM

Originally posted by pologq

i am in NY. the email did not say it was a state specific issue. says they got customers names and emails.

Probably is state-specific though. Vendors differ by state.

**stevex** · 01-19-23, 02:49 PM

Originally posted by d2bets

Probably is state-specific though. Vendors differ by state.

This. I’m in Jersey and never got the email.

**Easy-Rider 66** · 01-19-23, 03:15 PM

Originally posted by stevex

This. I’m in Jersey and never got the email.

in NC and got it

**Optional** · 01-20-23, 03:40 AM

Originally posted by pologq

i am in NY. the email did not say it was a state specific issue. says they got customers names and emails.

I wonder what sort of third party vendor they would be handing their customer name/email list to.

Post the email for us?

**G Anon Dropout** · 01-20-23, 04:35 AM

Got it in Ohio.

**jjgold** · 01-20-23, 07:14 AM

These places all use under hand tactics to get customers

Never properly vet either and this is what happens

Shame on fanduel

**Mugsy777** · 01-20-23, 08:59 AM

Got it here in MI

**pologq** · 01-20-23, 09:29 AM

Originally posted by Optional

I wonder what sort of third party vendor they would be handing their customer name/email list to.

Post the email for us?

Recently, we were informed by a third-party technology vendor that sends transactional emails on behalf of its clients like FanDuel that they had experienced a security breach within their system that impacted several of their clients. On Sunday evening, the vendor confirmed that FanDuel customer names and email addresses were acquired by an unauthorized actor. No customer passwords, financial account information, or other personal information was acquired in this incident.

Although none of your personal information beyond your name and email address were implicated, it is a good moment to remind you that we encourage every customer to take four important steps to help safeguard your FanDuel account and maintain your play safely and securely:

1. Remain vigilant against email “phishing” attempts claiming an issue with your FanDuel account that requires providing personal or private information to resolve the problem. FanDuel will never email customers directly and request personal information to resolve an issue.
2. Frequently update your password using a unique alphanumeric combination not utilized on other apps or websites.
3. Enable multi-factor authentication (MFA) login capability on your FanDuel account. This added step will provide an important layer of protection. Click here to enable MFA on your account.
4. Watch out for any attempted password resets for your account at FanDuel or elsewhere that you didn’t initiate. If you receive one you did not ask for, avoid clicking on any links in the email and make sure your email provider password is secure, and not one that has been reused or compromised in a data breach.

We thank you for being a valued customer and we apologize for any concern or inconvenience caused by this incident.

We hope you’re enjoying the excitement only the NFL playoffs and the Super Bowl can deliver!

**big joe 1212** · 01-20-23, 10:02 AM

I got it too

**jjgold** · 01-20-23, 10:16 AM

3. Enable multi-factor authentication (MFA) login capability on your FanDuel account. This added step will provide an important layer of protection.

That’s the most important thing you can do

**BuckyOne** · 01-20-23, 10:25 AM

FD might have a mouse in their house???

**texhooper** · 01-20-23, 11:12 AM

I didn’t get that email but I was asked to press and hold an oval every time I logged in to the app on my phone last night, which they said was proving I was a human and not using automation software. I was flattered because I have been running hot lately but also annoyed. Then they made me change my password. No email though.

FUN TIMES WITH LEGAL GAMBLING

**Renegades** · 01-20-23, 12:27 PM

Got it too. Im in CT

**newton0038** · 01-20-23, 01:02 PM

Mailchimp perhaps. Seeing tons of their commercials lately. Too busy counting cash they said fuk securty

**KVB** · 01-20-23, 01:37 PM

Originally posted by pologq

i am in NY. the email did not say it was a state specific issue. says they got customers names and emails.

Originally posted by d2bets

Probably is state-specific though. Vendors differ by state.

Yes, vendors might differ by strate but that doesn't mean different states don't use the same vendor.

Getting reports in multiple states of the same issue.

NY, MI, NC, Ohio, Connecticut all on the list so far, from what I'm hearing.

I'm warning everyone that that particular email will be getting scams and they're real names will be used. There is a huge email list that was acquired here, no doubt.

**KVB** · 01-20-23, 01:38 PM

Originally posted by BuckyOne

FD might have a mouse in their house???

I don't think so. I think they can effectively wash their hands of this incident.

Not sure though.

**jjgold** · 01-20-23, 01:46 PM

Its called sloppy management and of course lazy

The new gen worker

**KVB** · 01-20-23, 01:48 PM

Originally posted by jjgold

Its called sloppy management and of course lazy

The new gen worker

Email list has probably already been sold 10 times over already.

**Easy-Rider 66** · 01-20-23, 01:56 PM

Originally posted by texhooper

I didn’t get that email but I was asked to press and hold an oval every time I logged in to the app on my phone last night, which they said was proving I was a human and not using automation software. I was flattered because I have been running hot lately but also annoyed. Then they made me change my password. No email though.

FUN TIMES WITH LEGAL GAMBLING

same here

**jjgold** · 01-20-23, 04:41 PM

Originally posted by KVB

Email list has probably already been sold 10 times over already.

yep

**pologq** · 01-20-23, 05:12 PM

JJ u need to handle their security

**big joe 1212** · 01-20-23, 06:46 PM

That’s 2 books within the last month

25 years of offshore gambling - Zero problems

**jjgold** · 01-20-23, 07:14 PM

Like I said lax employees that do not care

Just take a pay check

**d2bets** · 01-20-23, 08:01 PM

Originally posted by big joe 1212

That’s 2 books within the last month

25 years of offshore gambling - Zero problems

Really? You got lucky. And as far as data breaches go, the difference is offshore wouldn't have disclosed as a regulated book is compelled to.

**Optional** · 01-20-23, 10:43 PM

^^^ What D2Bets said... non-licensed books don't tell you.

This supports the argument no bookmaker should be collecting KYC information though. Needs to be a better, centralized, secure solution to verification.

**PharaohUB** · 01-21-23, 12:49 AM

Should give us a free play to say sorry.

**gooner89** · 01-21-23, 06:46 AM

Originally posted by pologq

Recently, we were informed by a third-party technology vendor that sends transactional emails on behalf of its clients like FanDuel that they had experienced a security breach within their system [...]1. Remain vigilant against email “phishing” attempts claiming an issue with your FanDuel account that requires providing personal or private information to resolve the problem. FanDuel will never email customers directly and request personal information to resolve an issue.

This always makes me laugh. "We got hacked but YOU should be the one to remain vigilant."

**jjgold** · 01-21-23, 07:07 AM

It seems every company gets hacked now

Just the new way of the world

**dxp** · 01-21-23, 09:26 AM

Originally posted by gooner89

This always makes me laugh. "We got hacked but YOU should be the one to remain vigilant."

right? reminds me of way back in the day with no password rules. dummies always making their pass 123456 or abc123. i'm setting mine at like t73c25zz2x. then when they finally got tired of compromises, all of a sudden MY password isn't strong enough and i need to do better.

**jjgold** · 01-21-23, 09:42 AM

They always blame the user