Racing Post has revealed that its website was hit by a “sophisticated, sustained and aggressive attack” over the weekend in which one of its databases containing customer information was accessed.
In a post on Racingpost.com the firm admitted that reams of other information could have been accessed. “The information at risk from the database that was compromised will vary in the case of each customer, depending on how much information you gave us when you registered,” it said.
“It includes: usernames, first and last names, encrypted passwords, email and customer addresses and date of birth.”
However, it said no financial information had been compromised during the assault: "Betting through the site with our partner bookmakers has at all times been unaffected as this activity takes place directly with the bookmaker,” it said.
“Racing Post is not involved in the process – we hold no details whatsoever in relation to your betting accounts. Customer credit and debit card details are not stored on the site and have therefore not been accessed and are not at risk.”
As a result of the incident customers have been urged to change their passwords on other sites where they use the same login details as on Racingpost.com.
Editor of Racing Post Bruce Millington said the company had halted new registrations as a temporary measure and warned other firms to be on their guard against similar attacks.
"We are extremely sorry that this unfortunate incident has occurred. We believe it may be part of a wider attack on a number of companies. We thank you for your patience and understanding,” he said.
The incident is just the latest cyber security incident to hit a notable brand, with high-street retailer Lakeland also becoming the victim of a sophisticated attack earlier this year. The European Commission admitted earlier this month it is also seeing sustained attacks against its systems.
Dr Kuan Hon criticises GDPR consent emails that will only eviscerate marketing databases and 'media misinformation'
Apple squashes Steam Link app on 'business conflicts' grounds
Philip Hammond wants to forget rules that the UK agreed with the EU to ban non-European companies from the satellites
Instapaper to 'go dark' in Europe until it can work out GDPR compliance