PlayNow leaks info and crashes

News on 20 Jul 2010

The news that the British Columbian provincial government’s new online gambling website, Playnow.com, had crashed shortly after launch has been followed by startling revelations that private visitor information on the site may have leaked.
The British Columbia Lottery Corporation, which operates the site, said that unexpectedly high traffic caused the server to crash, making it necessary to pull it down for repair and beefing up.
However since then the BC Minister of Housing and Social Development Rich Coleman, has told CTV News that visitors’ information may have leaked.
“It does appear that some information — because of all the data hitting at once — might have been displayed on somebody’s computer, so we are dealing with that,” he said, without giving any further explanation.
The opposition political party the NDP believes the website crashed because it was hacked, although it has no hard evidence to support that claim.
“Experts have made assertions that hacking was a possibility,” Shane Simpson, NDP critic for housing and social development told the Vancouver Sun newspaper. “But the most concerning thing is that the government and BCLC has not been definitive that there wasn’t some kind of activity that breached the security of the site.”
According to Simpson, BCLC had offered $10 credits to users of PlayNow in order to generate demand on the day of the launch.
“They knew there was going to be a lot of people coming to the site, yet the site crashed before it even left the ground,” said Simpson. “That raises a series of questions as to what occurred here, but the government doesn’t seem prepared to be clear as to what occurred.”
PlayNow’s home page shows the message: “Your browser was not able to connect to the remote site, probably because they are too busy or having problems. Please try refreshing your browser, or try again later.”
“It clearly wasn’t a minor technical difficulty because the site has been shut down for days,” said Simpson. “They’re expecting people to put significant personal information and credit card information on there,” said Simpson. “The government simply has to be more transparent if they want people to have confidence in their site.”
The Vancouver Sun quotes a technology expert as saying that it is possible for hackers to fool a server into thinking it is overloaded.
“A hacker can unleash an army of sleeping computers called ‘bots,’ which can start generating traffic on a server and overwhelm it,” said Vaclav Vincalev, president of Pacific Coast Information Systems. “If the site is not prepared for it, it would become extremely slow or crash in the end.”
Once a site’s security has been breached, it is possible to steal information even when the website is still up and running, and to hack into any visitor’s computer, Vincalev claimed.
“The bottom line is [BCLC] was not prepared to go online,” he told the newspaper. “Whether they were not prepared with enough technology, underestimated the number of users, or did not expect to get attacked … they just underestimated what they were doing.”

Related and similar