Security News > 2023 > January > FanDuels warns of data breach after customer info stolen in vendor hack

"Recently, we were informed by a third-party technology vendor that sends transactional emails on behalf of its clients like FanDuel that they had experienced a security breach within their system that impacted several of their clients," reads a FanDuel 'Notice of Third-Party Vendor Security Incident' seen by BleepingComputer.

"On Sunday evening, the vendor confirmed that FanDuel customer names and email addresses were acquired by an unauthorized actor. No customer passwords, financial account information, or other personal information was acquired in this incident."

FanDuel also stressed that this was not a breach of their systems or FanDuel user accounts and that the hackers did not acquire "Passwords, financial account information, or other personal information" during the breach.

While the security incident notification did not name the third-party vendor that was breached, FanDuel confirmed to BleepingComputer that the third-party vendor was MailChimp.

FanDuel urges customers to "Remain vigilant" against phishing attacks and attempted account takeovers after their data was exposed in this recent breach.

FanDuel also warns customers to update their passwords frequently, enable multi-factor authentication on their accounts, and not click on links in attempted password resets that a customer did not initiate.

News URL

https://www.bleepingcomputer.com/news/security/fanduels-warns-of-data-breach-after-customer-info-stolen-in-vendor-hack/