Cyber Incident Victim: Flutter Entertainment
Date:
Apr 2015
Location:
Isle of Man
Summary
Multiple online poker platforms, including Flutter Entertainment's Betfair, experienced service disruptions due to distributed denial-of-service (DDoS) attacks, which flooded servers with excessive traffic and rendered games unplayable. The attacks caused widespread login failures, severe lag, disconnections, and forced tournament cancellations across affected sites. While Betfair confirmed the incident and restored operations, other platforms like PokerStars faced prolonged connectivity issues linked to compromised hosting infrastructure. These attacks align with prior incidents targeting online poker networks, where attackers overwhelmed systems to disrupt services and financial operations, highlighting recurring vulnerabilities in the gaming sector's infrastructure to such volumetric attacks.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In mid-April 2015, multiple online poker platforms experienced severe service disruptions attributed to distributed denial-of-service (DDoS) attacks. The incident began on Friday, April 10, and persisted through Monday, April 13, affecting several major operators. Betfair, a prominent gambling company later acquired by Flutter Entertainment, officially confirmed its websites, sportsbook, and betting exchange became inaccessible due to a DDoS attack. The company's technical team successfully resolved the issue by Tuesday, April 14, restoring normal operations. Unibet also reported being targeted by similar attacks during this period. While PokerStars did not formally confirm an attack, widespread customer reports indicated severe technical issues including login failures, gameplay lag, frequent disconnections, and tournament cancellations or suspensions across its platform throughout the four-day period. Technical evidence suggested infrastructure vulnerabilities, as one of PokerStars' six hosting providers—Manx Telecom on the Isle of Man—remained completely offline even after other hosts showed full connectivity restoration, indicating potential routing problems through the compromised node.
The attacks involved malicious actors flooding gaming servers with excessive communication requests, overwhelming their capacity to process legitimate traffic. This technique caused severe latency issues and complete service outages across affected platforms. PokerStars implemented multiple technical interventions during the incident, though persistent connectivity issues at Manx Telecom complicated resolution efforts. Historical precedent existed for such attacks in the online poker industry, notably a December 2014 incident where the Winning Poker Network (WPN) canceled a $1 million guaranteed tournament after suffering DDoS attacks that caused frozen tables and player timeouts. During that earlier event, WPN had initially paused tournaments twice for technical repairs before ultimately refunding all participants when mitigation attempts failed. The April 2015 attacks similarly disrupted scheduled tournaments and routine gameplay across multiple operators, though Betfair achieved full service restoration within approximately 24 hours of its confirmed outage period.