In a significant cybersecurity incident, leading gambling firms Paddy Power and Betfair, both operated by Flutter Entertainment, have confirmed a data breach impacting up to 800,000 customers across the UK and Ireland.
Details of the Breach
Flutter Entertainment disclosed that unauthorized access was detected in July 2025, prompting an immediate investigation. The breach involved the exposure of certain customer data, including:
- Usernames
- Email addresses
- First line of home addresses and city
- Details of recent account activity
- Technical data such as device IDs and IP addresses
The company emphasized that no passwords, identification documents, or usable payment card details were compromised in the incident.
Company Response and Customer Protection
Upon discovery, Flutter Entertainment acted swiftly to contain the breach and remove unauthorized access. The company engaged external IT security experts and notified relevant regulatory authorities, including the UK Gambling Commission and the Information Commissioner’s Office.
All affected customers were directly informed via email and advised to remain vigilant against potential phishing attempts or suspicious account activity. Flutter has reassured customers that, to date, there is no evidence of misuse of the compromised information.
