A 19-year-old hacker was given a one-year and six-month federal prison sentence for his part in an attack on the famous sports betting site DraftKings that cost the company over $1 million. This is a case that sets a new standard for future hackers.
The teenager who has not been named is the first person to be charged with a crime and sent to prison for hacking into DraftKings accounts and betting without permission. On Tuesday, U.S. District Judge Paul Engelmayer called the attack a “tragedy” and then gave the sentence.
He said, “This wasn’t just a scandal; it was a real tragedy.” “This attack sent DraftKings into shock.”
When the hacker used “credential stuffing” to get into thousands of DraftKings accounts in October 2021, the attack happened. Prosecutors say he then used the victims’ money to make “longshot” bets and took out any gains.
DraftKings found out about the breach when users started reporting that money was being taken out of their accounts without their permission. Customers who lost $1.5 million had to get their money back, and the company had to spend over $700,000 looking into what happened.
A DraftKings representative said, “Our customers trust us every time they bet with us.” “We will keep working around the clock to keep bad people from getting to customer data and assets.”
During the punishment hearing, the prosecutors said that the teen hacker was a cybercriminal who didn’t feel bad about what he did. The judge agreed, saying that even though the suspect was young, he acted in a “cold and calculating” way.
Cybersecurity experts say the harsh prison sentence shows how important cyberattacks on private companies are and sends a strong message to people who want to become hackers. Experts say that as sports betting sites like DraftKings become more famous, hackers will try to get more usernames, passwords, and financial information.
He said, “Hackers follow the money, and sports betting sites have become very profitable targets.” Schlecht is the operating partner of the security company BTB Security. “In the future, attacks are likely to be smarter and better planned.”
After the DraftKings breach, cybersecurity experts say that sports betting companies should use strong identity management systems, multi-factor verification, cyber threat intelligence, and regular penetration testing. Experts also stress how important it is to take simple steps like requiring strong passwords and training employees on how to use them safely.
DraftKings says that since the attack, they have put in place new security controls, ways to watch for threats, and plans for how to handle incidents. However, the DraftKings hack shows the problems that the sports betting business still has as it moves into the digital world and grows quickly.
As the number of people betting on sports online and on their phones grows in the U.S., businesses like DraftKings will have to work hard to protect themselves from new cyber risks. After big breaches, there have also been calls for stricter rules from the government to protect consumer data.
The fact that the teenage hacker who attacked DraftKings got a prison sentence shows that cybercrime has legal effects, even for young offenders. Cybersecurity experts hope that the high-profile case will stop other would-be hackers from trying to break into online betting sites and steal money.