http://www.cardplayer.com/poker-news/article/4279/owner-of-ultimatebet-confirms-security-breach
By Bob Pajich
Cardplayer.com
May 29, 2008
Former Employees Had Access to Opponents' Holecards for 21
Months
Tokwiro Enterprises, the company that owns both Absolute
Poker and
UltimateBet, today released a statement confirming that
cheating had
gone on at UltimateBet by people who, according to the
release, "worked
for the previous ownership of UltimateBet prior to the sale
of the
business to Tokwiro in October 2006."
The player or players behind the 18 screen names that were
identified as
being corrupted have not been named. Tokwiro will refund
players their
losses once the investigation is complete. The usernames
that were used
to cheat are: NioNio, Sleepless, NoPaddles, nvtease,
flatbroke33,
ilike2win, UtakeIt2, FlipFlop2, erick456, WhackMe44,
RockStarLA,
stoned2nite, monizzle, FireNTexas, HeadKase01, LetsPatttty,
NYMobser,
and WhoWhereWhen.
The cheating was able to take place because the perpetrators had access
to what Tokwiro is calling an "unauthorized software code" that allowed
the cheaters to see their opponents' holecards. The cheating took place
from March 7, 2006 to Dec. 3, 2007, and it's not known how much money
the cheater(s) illicitly won.
As soon as the cheating was suspected, Tokwiro said it contacted the
Kahnawake Gaming Commission (KGC), the most used online poker regulatory
commission, to start the investigation. Tokwiro is mandated to contact
KGC if any suspicious activity might be taking place.
This is the second cheating incident to hit the company since it
purchased Absolute Poker and UltimateBet. The first occurred when it was
discovered that several players at Absolute Poker also had access to
software that allowed them to see opponents' holecards.
The entire press release, which provided a timeline of the
incident,
follows:
MONTREAL, CANADA (MAY 29, 2008) --- Tokwiro Enterprises ENRG
("Tokwiro"), proprietors of UltimateBet.com
("UltimateBet"), one of the
world's largest online card rooms, today announced the
results of its
lengthy investigation into allegations of unfair play, which
was
triggered by concerns about an account named 'NioNio'.
Tokwiro has
worked diligently in cooperation with its regulatory body,
the Kahnawake
Gaming Commission ("KGC"), and with independent
third-party experts to
conduct a thorough investigation that included a
comprehensive review of
hand histories and game data, thorough analyses of software
and network
security, and audits of its security practices and
procedures.
The investigation has concluded that certain player accounts
did in fact
have an unfair advantage, and that these accounts targeted
the highest
limit games on the site. The individuals responsible were
found to have
worked for the previous ownership of UltimateBet prior to
the sale of
the business to Tokwiro in October 2006. Tokwiro is taking
full
responsibility for this situation and will immediately begin
refunding
UltimateBet customers for any losses that were incurred as a
result of
unfair play.
The fraudulent activity was enabled by unauthorized software
code that
allowed the perpetrators to obtain hole card information
during live
play. The existence of this vulnerability was unknown to
Tokwiro until
February 2008 and existed prior to UltimateBet's acquisition
by Tokwiro
in October 2006. Our investigation has confirmed that the
code was part
of a legacy auditing system that was manipulated by the
perpetrators.
Gaming Associates, independent auditors hired by the KGC,
have confirmed
that the software code that provided the unfair advantage
has been
permanently removed.
Throughout the investigation of this incident, Tokwiro's
consistent
priorities have been:
* To permanently remove the ability to engage in unfair
play;
* To complete its investigation and come to a full
understanding of
what occurred;
* To refund the affected customers; and
* To implement measures that prevent future incidents.
The Company said, "We would like to thank our customers
for their
patience, loyalty and support, as well as for their
understanding that
we are doing everything we can to correct this situation.
The staff and
management of UltimateBet are fully committed to providing a
safe and
secure environment for our players, and we want to assure
customers of
our unwavering resolve to monitor site security with every
resource at
our disposal."
Investigation Timeline
These are the key events in the course of the incident.
* January 2008: UltimateBet is alerted to suspicions of
unfair play
on the part of the account "NioNio". Within
24 hours, UltimateBet
contacts the KGC to provide formal notice that
UltimateBet has
initiated an investigation of the incident.
* UltimateBet subsequently forwarded a copy of all
related data to
the KGC.
* January 2008: The "NioNio" account and
related accounts are
suspended pending further investigation.
* February 2008: Preliminary findings indicate
abnormally high
winning statistics for the suspect accounts. After
discussions
with the KGC, UltimateBet engages third-party gaming
experts to
assist with the analysis.
* February 2008: Investigators confirm that the suspect
accounts are
associated with individuals who had worked for
UltimateBet under
the previous ownership.
* February 2008: UltimateBet discovers the unauthorized
code that
allowed the perpetrators to obtain hole card
information during
live play. The code was part of a legacy auditing
system that was
manipulated by the perpetrators of the fraud.
* February 2008: UltimateBet immediately removes the
unauthorized
code and works with the KGC and with third-party
auditors to
verify that the security hole has been eliminated.
* March 2008: Six player accounts are confirmed to have
participated
in this scheme. No accounts were deleted at any point,
although
some account names were changed multiple times. The
following
account names are known to have been used in the
fraudulent
activity: NioNio, Sleepless, NoPaddles, nvtease,
flatbroke33,
ilike2win, UtakeIt2, FlipFlop2, erick456, WhackMe44,
RockStarLA,
stoned2nite, monizzle, FireNTexas, HeadKase01,
LetsPatttty,
NYMobser, and WhoWhereWhen.
* May 2008: The investigation confirms that the
fraudulent activity
took place from March 7, 2006 to December 3, 2007.
* May 2008: Gaming Associates certifies that the
software code that
enabled unfair play was removed from UltimateBet
servers in
February of 2008.
* May 2008: Customers affected by this incident are
identified, and
plans for corrective action are reviewed with the
KGC.
Corrective Actions Taken
The following actions have been taken or are currently underway as
a direct result of this investigation.
* The security hole identified in UltimateBet's
investigation has
been permanently eliminated.
* UltimateBet is establishing a state-of-the-art
software Security
Center that consolidates and greatly enhances existing
security
capabilities. The first release of the new Security
Center focuses
solely on the immediate detection of abnormal
winnings. Gaming
mathematicians, poker professionals, and security
software
developers have all contributed to the specifications
for the new
Security Center.
* UltimateBet customers are no longer permitted to
change account
names unless they have suffered abuse in chat rooms.
Requests for
changes must be supported by proof of abuse and must
be approved
by the Chief Compliance Officer.
* In addition to its existing security department,
UltimateBet has
established a new specialized Poker Security team of
professionals
dedicated to fraud prevention.
* The refund process will begin immediately. The
accounts associated
with fraudulent activity did not use an unfair
advantage in all
play sessions. Regardless, UltimateBet is refunding
all losses to
these accounts.
* Accounts related to the fraudulent activity have been
disabled,
and the individuals associated with those accounts
permanently
banned from the site.
* UltimateBet has worked closely and transparently with
its
governing body, the KGC and its designated expert
auditors, to
determine exactly what happened, how it happened, and
who was
involved, and has taken action to prevent any
possibility of this
situation recurring.
* Tokwiro is pursuing its legal options in regard to
this incident.