Further to our article detailing the fact that 3 million online gaming players are being sold openly, which included 315,000 online bingo players from one of the top online bingo sites in the UK, players are being urged to change their personal details. I can confirm that while the lists were not from either Gala Bingo or Mecca Bingo some of the players on the lists clearly also have account with other Bingo sites such as these two, and use the same usernames and passwords.

Having heard the information I have urged that the ICO and the companies involved personally contact their customers to inform them of the potential risks. Many people in the UK use the same usernames and passwords for a variety of accounts, including banks accounts, email address etc. As the list of details being offered for sale includes, names, address, usernames, passwords, DOB and player history details this is clearly a significant breach and would be a gold mine to any fraudulent person.

The Information Commissioners Office (ICO) have indicated that they do not wish to inform the public of the details at this time. However, I have stressed with them that not only is this contradictory to their own purpose and mission statement, it is putting the public at great risk. They are trying to establish how the breach has occurred and feel that making the information public would compromise their investigation. If there was a fire and people were trapped inside a burning building, the Fire brigades primary focus would be to ensure they put people’s lives first. They would not be carrying out an investigation into the causes of the fire before getting the people out of the burning building. While this might seem a little over the top, not informing the public so that they can change personal information on any accounts they hold is putting them at significant risk.