Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Privacy Security

'World's Biggest Casino' App Exposed Customers' Personal Data (techcrunch.com) 10

An anonymous reader shares a report: The startup that develops the phone app for casino resort giant WinStar has secured an exposed database that was spilling customers' private information to the open web. Oklahoma-based WinStar bills itself as the "world's biggest casino" by square footage. The casino and hotel resort also offers an app, My WinStar, in which guests can access self-service options during their hotel stay, their rewards points and loyalty benefits, and casino winnings.

The app is developed by a Nevada software startup called Dexiga. The startup left one of its logging databases on the internet without a password, allowing anyone with knowledge of its public IP address to access the WinStar customer data stored within using only their web browser. Dexiga took the database offline after TechCrunch alerted the company to the security lapse. Anurag Sen, a good-faith security researcher who has a knack for discovering inadvertently exposed sensitive data on the internet, found the database containing personal information, but it was initially unclear who the database belonged to. Sen said the personal data included full names, phone numbers, email addresses and home addresses. Sen shared details of the exposed database with TechCrunch to help identify its owner and disclose the security lapse.

This discussion has been archived. No new comments can be posted.

'World's Biggest Casino' App Exposed Customers' Personal Data

Comments Filter:
  • "They" being WinStar customers.

    On a serious note: The customers don't deserve this, I hope they receive reasonable compensation.

  • by OrangeTide ( 124937 ) on Monday February 12, 2024 @11:44AM (#64234354) Homepage Journal

    I have so many of these silly loyalty and booking apps on my phone because often the website performs poorly or is missing functionality when compared to the App version. I can quickly get info on my flight if I have the Delta app installed, navigating to the website is a pain and it boots you out quickly for inactivity. But all these apps quickly end up getting their notifications blocked because they start putting up notifications that aren't really relevant. At least the Taco Bell app has very fine grained controls for notifications and you can block everything except your order status.

    I guess I'm just an old fogey that bought into the idea that one day we could do everything with a web browser and that the platform we use doesn't matter.

    • by mjwx ( 966435 )

      I have so many of these silly loyalty and booking apps on my phone because often the website performs poorly or is missing functionality when compared to the App version. I can quickly get info on my flight if I have the Delta app installed, navigating to the website is a pain and it boots you out quickly for inactivity. But all these apps quickly end up getting their notifications blocked because they start putting up notifications that aren't really relevant. At least the Taco Bell app has very fine grained controls for notifications and you can block everything except your order status.

      I guess I'm just an old fogey that bought into the idea that one day we could do everything with a web browser and that the platform we use doesn't matter.

      Why? I don't bother installing any airline or "loyalty" apps onto my phone because quite simiply I can do everything I need without them. If an airline tries to force me to install an app to enter some details that becomes their problem when I'm at the airport and they have to get me boarded on time or end up paying me (yay consumer protection laws). I'd rather not have dozens of random apps slurping and leaking my personal data.

      BTW, we are already in the age where everything is done via a web browser a

      • Why? I don't bother installing any airline or "loyalty" apps onto my phone because quite simiply I can do everything I need without them.

        Without the app I have to make a phone call to do some of the things. That's how broken many of these website are.

        • by mjwx ( 966435 )

          Why? I don't bother installing any airline or "loyalty" apps onto my phone because quite simiply I can do everything I need without them.

          Without the app I have to make a phone call to do some of the things. That's how broken many of these website are.

          Then why do business with them? I've dealt with most American carriers (Delta is pretty much the only big carrier I haven't flown, Spirit as well but I've sat next to a boarding Spirit flight and they made the Ryanair crowd seem classy in comparison).

          Better yet, petition to get your consumer protection laws beefed up to the point where it's more expensive to have an unusable web site.

          My experience with "apps" is the opposite, especially for smaller companies/clubs. Had an "app" where I had to register

  • Mafioso would be a bit better at security than some random medium-sized business, but that’s obviously not the case.
    • by Slayer ( 6656 )

      Look at the enchrochat story ... the mafia is just as gullible and incompetent as your next C level executive.

      • by mjwx ( 966435 )

        Look at the enchrochat story ... the mafia is just as gullible and incompetent as your next C level executive.

        The difference is, if a Mafia Don screws up he gets banged up or bumped off, if a C-Level screws up, they still get their bonus.

Disclaimer: "These opinions are my own, though for a small fee they be yours too." -- Dave Haynie

Working...