What a mess: B.C. Lottery Corp. shuts down gambling site

Jul 21, 2010, 7:59 am (5 comments)

British Columbia Lottery

Some placed bets with other peoples' money

Includes video report

The B.C. Lottery Corp. disabled its online gambling site last week because the accounts belonging to 134 users had been compromised, organization president and CEO Michael Graydon said Tuesday.

Graydon said that after a major relaunch of the website on Thursday, about $8,000 was wagered by accounts controlled by someone other than the owner and in 12 cases, users were able to view other people's personal information.

In one case, he said, the last four digits of a person's credit card were compromised. In another, the breach revealed banking information "similar to what you would find on the bottom of a personal cheque."

The explanation comes in stark contrast to what B.C. Lottery Corp. had said previously on why it had disabled its online gambling site, PlayNow. com, just hours after a major expansion and relaunch on Thursday morning.

In an interview Friday afternoon, a company official said the site was taken down because it was overloaded with traffic, leading to "slowness" or "not good responsiveness."

Company vice-president Kevin Gass made no mention at the time of a security breach.

On Tuesday, Graydon said the company opted not to reveal information about the breach until it knew what had taken place, and until after it had informed those who had been affected.

"Our first priority was really to our players and making sure we got to them first," he said.

"We wanted to make sure that they heard from BCLC and not read it in the newspaper."

Critics were quick to pounce.

"It's very concerning that they spun this on Friday — the minister and the corporation — as being about too many enthusiastic people wanting to play on the site," said New Democratic Party critic Shane Simpson.

"We now know that they were fully aware on Friday that this was a security breach," he added, saying the response by both government and B.C. Lottery Corp. was "not honest".

Minister of Housing and Social Development Rich Coleman, who is responsible for the B.C. Lottery Corp., was not available for comment Tuesday.

Staff in Coleman's office referred all questions to Graydon.

"We haven't lied to anyone," said Graydon.

"We've only been open and transparent with the customers affected. We identified them very quickly and we communicated with them very quickly."

Officials at B.C. Lottery Corp. said staff in the IT department had noticed Thursday the site was lagging, but were not aware of the security issue until contacted by a user.

"A PlayNow. com player contacted BCLC's consumer services department to report that he had seen another player's account information," said a statement issued by the company.

"BCLC immediately contacted the other player and very shortly after that made the decision to close down the website so that we could investigate and make a thorough assessment of the situation."

Graydon added the decision to pull down the site was made immediately. The site was offline by late Thursday afternoon.

He added the software for the site is provided by OpenBet, which he said has been in business for more than 11 years.

Graydon said the problem was due to a data crossover — a malfunction during which some players were switched by accident from their own account into someone else's, often without them realizing.

Once people were in another person's account, he said, they had the ability to view the other user's personal information and bet with their money.

Graydon said the issue led to about 134 accounts being compromised.

He said B.C. Lottery Corp. officials have been able to retrace the steps of each account and are now working to reconcile all accounts while also ensuring all winnings are honoured.

He added this review of account activity has also determined that in 12 cases, sensitive personal information was improperly displayed.

Graydon said B.C. Lottery Corp. has been in touch with everyone affected, and is providing services to eight customers to ensure their identity is protected.

He added he does not believe the issue will shake people's confidence in his organization.

Graydon said the data crossover problem resulted from a deluge of traffic, adding that tens of thousands of people came to the site after Thursday's high-profile relaunch of PlayNow. com.

"We had volume assumptions and we tested against those assumptions," he said.

"Obviously our assumptions were incorrect."

On Tuesday, Information and Privacy Commissioner Elizabeth Denham said B.C. Lottery Corp. told her about the issue on Friday, and said she has so far been pleased with its response.

"I think they've been responsible," she said.

"I also think they've been really cooperative and have implemented all of the recommendations we provided to them on redress for affected individuals," she added.

Denham said she would like to see an assurance all issues have been resolved before the site again goes live.

In a statement issued Tuesday, B.C. Lottery Corp said: "PlayNow. com will be restored when a solution is implemented that meets the highest levels of player protection and receives third party approval and regulatory certification."

VIDEO: Watch the report

Vancouver Sun


Delta Draw

"Our first priority was really to our players and making sure we got to them first," he said.  BS I said.

After shutting down the site they should have been up front the same day about why they shut it down. They lied.

The moment they shut down the site the players were protected from further site abuse. All I want to know is how long did it take to notify the players that their credit cards (Debit? ) were stolen? Why not make a public statement in the news and let the players do for themselves what the lottery cannot?

 If anybody that has a Debit card and is reading this,... have nested accounts and only keep available on the card what you are willing to lose. Once it leaves the account, there is no getting it back.  You should make sure you have no overdraft ability with the card, most allow you to over-draw.

One lady lost 25k when her VISA debit card INFO, not the card was stolen. She had all her eggs in one basket and available for debit withdraw. The pin number and all the info is on the magnetic strip. When you swipe the card on a wireless system (RED BOX, Pop machines, etc.) you just transmitted all your info for anyone to recieve. And the thieves do listen, any way they can. The thieves are networked, are international  and this theft is big, in the B's. Any gambling was just a joke and a test, they did not need to win a jackpot, they hit it when they hacked the accounts.


HaveABall's avatarHaveABall

The B.C. Lottery Corp's President and CEO, Michael Graydon, IS a lier.  Michael is apparently yet another person that believes that when one speaks half truth or don't speak about a subject (omission) that thus isn't considered lying ... oh, help us from the sociopaths!




jrosina's avatarjrosina

Quote: Originally posted by pumpi76 on Jul 21, 2010


Pumpi, I like that you LOLed!!! Haha...yes Pumpi a Genius never gives up!!Smiley

HaveABall's avatarHaveABall

Signature line above reads:  "It's not "them", It's you. Everywhere you go there you are!"

Certainly, problems occur when one is no longer there.


End of comments
Subscribe to this news story