Reports: PokerBaazi suffers security lapse with users’ data exposed, company denies it

Published on:

According to a report, PokerBaazi, the online poker site, experienced a severe security breach after an internal database holding private user information was posted online for over two months.

Anyone who has access to the IP address of the database may readily access all information due to a system configuration error. As of February 11th, 2023, the size of the exposed data was over 6 GB, and it was continually expanding.

According to XposedOrNot, security researcher Anurag Sen revealed this security problem and has tried to contact PokerBaazi regarding the same. Sen has not received an official response yet, which further states that the user data is still exposed.

More than 6 Giga Bytes of data was exposed according to the discovery on 11 February, and the number is still rising. According to reports, the leaked data included internal logs, “Oauth” tokens, full names, email addresses, and locations.

However, PokerBaazi has issued a statement denying any data breach.

“With the recent report around the alleged security breach on PokerBaazi, we would like to clarify that there is no data breach and our server did not expose any real data pertaining to users,” the statement read.

“This was a testing done at the dummy stage with logs of dummy users to further develop our platform. These dummy accounts/users are used by our internal testers and developers. Moreover, the server had been kept publicly open for establishing a proof of concept with an external and reputed tool which helps in monitoring applications logs so that it can give us a 360-degree view of how our applications are performing,” the statement concluded.