Cyber Incident Victim: Holland Casino

On or around Wednesday, May 10, 2023, the initial technical disturbances began for Holland Casino Online. These issues were the first signs of a wider cybersecurity incident targeting their platform provider, Playtech. The problems persisted into the following days, culminating in a more significant service disruption on Friday, May 12. On that day, a substantial portion of the Holland Casino Online platform became unreachable for its players. The platform was partially offline, rendering it inaccessible for an undetermined period. The primary component affected was the sportsbook, which was completely unreachable to users attempting to access it. Other areas of the platform also experienced problems, with players reporting difficulties logging in and encountering issues with the functionality of various games.

The root cause of these widespread technical issues was a distributed denial-of-service (DDoS) attack directed at Playtech, the software provider for Holland Casino Online. This type of cyberattack functions by overwhelming a target's computer systems, networks, or servers with an enormous and unsustainable volume of data traffic. The objective is to render these systems unusable or unreachable to legitimate users, effectively taking the service offline. Holland Casino Online officially confirmed that this DDoS incident was the source of the disruptions impacting their platform. The attack was not isolated to a single entity; because it targeted Playtech's core infrastructure, it caused problems for numerous casinos worldwide that rely on the Playtech platform for their online operations.

The nature of the disruption was not constant but instead occurred in waves. This intermittent pattern meant that the platform's availability was inconsistent throughout the incident period. Services would be restored only for another wave of the attack to cause further degradation, creating an unstable and unreliable user experience. Players encountered problems at various times, with the issues resurging after periods of apparent normality. The duration of the total outage period was relatively short compared to other similar incidents in the industry; after being unavailable for several hours on May 12, the Holland Casino Online platform was restored and became accessible again for casino players.

Holland Casino Online and its provider, Playtech, engaged in continuous communication throughout the event to address the situation. The two organizations worked collaboratively to develop a structural solution to mitigate the attack and prevent further service interruptions. A key point of public communication from Holland Casino Online was the confirmation that the DDoS incident was purely an availability attack. They assured their users that no data breach had occurred as a result of this event. Specifically, the casino stated that at no point were any personal details or customer data compromised or placed in danger. The attack was designed solely to disrupt service operations and not to infiltrate systems to steal information.

In response to the incident and the inconvenience caused to its customer base, Holland Casino Online issued a public statement providing a factual explanation of the events. This communication detailed the cause of the disruptions, the nature of a DDoS attack, and the confirmed impact on data security. The company offered its sincere apologies for the inconvenience experienced by its players and explicitly asked for their understanding while the technical teams worked to resolve the situation. The incident highlighted the inherent risks and dependencies involved when online gambling operators rely on third-party software providers, as an attack on the provider can have immediate and cascading effects on all its clients. This was not an isolated event in the sector, as another online casino, Bingoal, had faced a similar cyberattack that resulted in a multi-day service outage just a month prior.