Online Casinos in general: Hacker attack on Merkur Bets (Page 21)

Donnie wrote on 11.04.2025 at 08:42: But you are also stupid if you think simply writing to support and demanding compensation is enough. Yes, of course you now get 2K with one sale gebucht🤦‍♂️🤣. It's logical that they reject everything. A lawsuit has to be filed, but even then it can be dismissed or only come out with little, which could not even begin to compensate for the damage that would be possible due to their weak data protection. In my world, we would shut down such businesses completely. Completely confiscate company funds and distribute them to the victims. But that won't happen in our corrupt reality

This post has been translated automatically

Ollid3 wrote on 11.04.2025 at 09:33:

I wouldn't call myself stupid. But thank you. But if, as in the case of SlotMagie, you misrepresent the facts, just stand there as if nothing has happened and want to sell me as stupid, then I guess I can react or.

This post has been translated automatically

Donnie wrote on 11.04.2025 at 09:56:

Stupid is the wrong word, more like naive. They will always talk their way out of it, deny blame and trivialize the matter. Let's assume you are now harmed by a contract or something that you didn't even sign yourself. Is it even possible to prove that the data that was used really came from the casinos? If you can even find someone to blame. The casinos could say that the data was stolen from somewhere else. They have to be fined heavily for leaving the door open, but the customers are only being stamped with peanuts anyway

This post has been translated automatically

frapi07 wrote on 11.04.2025 at 10:08 am:

No, you can't prove something like that. You could have sent your ID for someone else. Misuse can happen in so many ways. An employee steals the data, the company does not dispose of data carriers properly and the data is then restored (especially hard disks are resold and only formatted), a targeted attack... to find conclusions and say that the fraud attempt is 100% from data leak/hack attack XX is almost impossible, unless you take data that you can assign. But no fraudster does this, because this data cannot be used for fraud attempts.

I also don't really understand the displeasure of many here. As if it's a surprise that they're talking it down. Any other company would behave like this. Yes, the behavior is unethical, but we're talking about millions here (even at €25/person, we're easily talking about 100,000 customers), which people are reluctant to pay.

This post has been translated automatically

Danny0815 wrote on 10/04/2025 01:24:

If you have RSV and/or the means to take some financial Risk, you could of course also start an individual lawsuit.

Always assuming you want to sue for damages at all.
If you are successful, you would probably end up receiving a higher amount.
But that's only a dangerous bit of knowledge on my part, I have no expertise in this area.

For me personally, the deciding factor was that I didn't want to take any financial risk (payment only in the event of success & max. 25% of the amount claimed), and I wanted to spend as little time and energy as possible on the matter.
Then, in case of doubt, the annoyance is not so great if nothing or almost nothing comes of it.

This post has been translated automatically

Malganes wrote on 13.04.2025 at 21:46:

I don't have RSV and won't get one in the future because there is no need and an individual claim is out of the question for me. I would have the financial means, but I would rather go through Protectra. That way, they would take on the case(s) and, as you've already written, I would have to spend as little time, energy and stress as possible. What comes out in the end is another matter, but at least you've tried.


One question for everyone here is whether Protectra only communicates with you by email or whether this company also goes by post. I don't want letters from them to end up in my letterbox, as this would only raise unnecessary questions in my environment.

This post has been translated automatically

Malganes wrote on 13.04.2025 at 21:46:

I don't have RSV and won't get one in the future because I don't need it and an individual claim is out of the question for me. I would have the financial means, but I would rather go through Protectra. That way, they would take on the case(s) and, as you've already written, I would have to spend as little time, energy and stress as possible. What comes out in the end is another matter, but at least you've tried.


One question for everyone here is whether Protectra only communicates with you by email or whether this company also goes by post. I don't want letters from them to end up in my letterbox, as this would only raise unnecessary questions in my environment.

This post has been translated automatically

This post has been translated automatically

roccoammo11 wrote on 14.04.2025 at 21:30: I don't think they send letters. they save themselves the money and it's totally unnecessary.

This post has been translated automatically

BigAl87 wrote on April 14, 2025 at 10:39 pm:

I also assume that (almost) everything runs online....but if they need a power of attorney or other court documents to be verified, there is certainly a letter that you have to sign and send back. I don't mind if there's a letter in the letterbox.....my environment knows me as a gambler. But I can imagine that some people don't necessarily want to be branded as "gamblers". I moved from the village to the city....before that there was - a yellow letter in the letterbox -> the whole village was talking about what he had done this time 🙄.....so postal secrecy my ass.

This post has been translated automatically

BigAl87 wrote on 14.04.2025 at 22:39:I also assume that (almost) everything runs online....but if they need a power of attorney or other court documents to be verified, there is certainly a letter that you have to sign and send back.

This post has been translated automatically

Hanshanshans wrote on 14.04.2025 at 22:58:

That also works by mail. Had something to do with a law firm for the last two years (not because of gambling and have done nothing else 😄). Power of attorney etc. was sent by email, I printed it out at home and signed it. Photographed and emailed back to the lawyer.

This post has been translated automatically

This post has been translated automatically

Yvonka wrote on 15.04.2025 at 14:05: I received an email from Merkur-Bets today after I sent them the prescribed text from Protectra.

Boris (MERKUR BETS) 15. Apr. 2025, 08:50 CEST Hello Mrs. ****** thank you for contacting us. We have reviewed your request and can provide you with the following information. Despite extensive security measures, the IT system of one of our service providers was the target of a cyber attack by a so-called white-hat hacker. White-hat hackers act without intent to cause harm and regularly report security vulnerabilities in systems in order to improve the security of IT systems. The official and internal investigation of security vulnerabilities revealed that incorrectly configured interfaces on the website merkurbets.de made it possible for a registered customer to theoretically view the data of other customers. However, the data was not readily accessible, but required a particularly high level of specialist knowledge and the circumvention of various security measures. As far as we are currently aware, no other unauthorized third parties apart from the white-hat hacker were able to access the data. The white-hat hacker has not expressed any intention to pass on or misuse the information obtained. Actions on the Internet are associated with certain risks and cyber security is a continuous process that is subject to ongoing adjustments. Just because the security configurations on a company's website need to be adjusted does not mean that this is due to misconduct on the part of the company or that the company has violated laws or regulations. Nor does such liability arise from the General Data Protection Regulation (GDPR). Furthermore, to the best of our knowledge, no material damage has been caused to our customers, as we have not detected any misuse by or disclosure of the data to unauthorized third parties. Against this background, we therefore do not see ourselves in a position to comply with any request for payment of damages. In cooperation with the supervisory authority responsible for us, which drew our attention to the improvement of the security loopholes, we immediately adjusted them. Against this background, we see no basis for complying with your request. We hope that your request has been answered comprehensively and to your satisfaction. Yours sincerely Your MERKUR BETS Team

This post has been translated automatically

frapi07 wrote on April 15, 2025 at 2:32 pm:
Keep trying to fend everything off. Just a reminder: Zu Guttenberg also initially fended off the plagiarism accusations, calling them "absurd". We all know what the end result is

Just for us: misusing the definition:

1 a. to use (intentionally) incorrectly, contrary to its intended purpose or the like; to use in a dishonest, unauthorized manner [for selfish purposes], to use

The white-hat hacker viewed and evaluated data records --> misuse took place, as this is a) unauthorized b) for selfish purposes and c) that was not the actual purpose of the data records. Consent should have been obtained from everyone for this.

However, the misuse could have been made more difficult and/or prevented with certain security measures. It doesn't matter whether the hacker had in-depth know-how. Most hackers have in-depth knowledge, which is why high security standards must be in place - that certainly can't be an excuse.

Edit: the assumption that no customers suffered damage is irrelevant here. Data was leaked and this should not have happened. In the case of the Facebook data leak, no damage was found, yet they won the lawsuit So much for the email.

This post has been translated automatically