Dexiga, a Nevada-based software startup behind the WinStar app, has confirmed that it has secured an unprotected database containing customer information that was accessible online.
WinStar, which is the largest land-based casino in the world, runs a mobile app called My WinStar. The app allows users to manage their hotel stay, access rewards, and view casino earnings.
According to a report in TechCrunch, Dexiga left one of its logging databases exposed online without the correct security measures. This allowed anyone with the database’s public IP address to access WinStar customers’ personal data through a web browser. After being notified of the potential breach by TechCrunch, Dexiga took the database offline to mitigate the risk.
The exposed database contained personal information, including names, contact details, and addresses. While some information was obscured, it was not encrypted.
WinStar Customer Data Exposed in Mobile App Security FailureDespite assurances from Dexiga, there has been no further information released regarding the extent of the data breach and whether affected individuals will be notified. Dexiga stated that investigations are ongoing and pledged to take appropriate measures to prevent future incidents.
As of now, WinStar has made no public announcement in relation to the security breach.
