A security breach at Merkur, one of Germany’s largest gambling companies, has sparked major concerns over data protection and system stability. The breach may have exposed the personal data of a significant number of players, affecting several of Merkur’s gambling platforms, including Slotmagie, Crazybuzzer, and Merkurbets.
The incident came to light after security researcher Lilith Wittmann published a blog post on Medium on Friday evening.
Wittmann alleged that an unsecured API had left extensive personal data, including full names, account details, gaming histories, and transaction records, potentially accessible to unauthorised users.
Merkur had previously notified players of a security vulnerability and related data exposure on Thursday evening.
