PAGCOR Hacked, List of 560K Prohibited Individuals Impacted

The Philippine gambling regulator, PAGCOR, has confirmed a qualified data breach that has resulted in the leaking of the watchdog’s National Database of Restricted Persons, although it has refuted accusations that its systems have been breached.

The list is essentially a centralized data trove that stores the names of people who may not gamble legally for various reasons – from being suspected criminals to people who have exhibited strong signs of gambling addiction.

The hackers now seem to suggest that not nearly enough people on that list are excluded because of gambling-related issues.

PAGCOR’s National Database of Restricted Persons Breached

The hacking, led by an international criminal group, has resulted in the leaking of 560,000 names of individuals who are barred from gambling. However, PAGCOR has refuted claims that the list contained the names of many problem gamblers, per se.

The group also turned out to be surprisingly ethical, issuing a statement that accused PAGCOR of being an enabler of addiction, precisely for the reasons that PAGCOR thought were enough to defend itself in the public eye. “PAGCOR, let’s call it what it is: you are an enabler of addiction, whether you like it or not,” the statement read.

The group also confirmed that the list contained names specifically tied to people holding administrative roles in government or public office. PAGCOR has refuted the accusations levelled against it and argued that the hackers had not, in fact, breached its own systems.

Rather, the regulator believes that the NDPR was accessed through a licensed operator, as licensed operators also have access to the list. The swift rebuttal suggests that PAGCOR believes that it has not been compromised.

“The names on the list are not necessarily addicted gamblers; most are government officials who, by law, are not allowed to enter gambling establishments, thus their inclusion in the NDRP,” confirmed PAGCOR assistant VP for GLDD Ma. Vina Claudette Oca.

Only 1,711 or so individuals on the list were, in fact, added there because of self-exclusion issues, but that seems to be the main point the hackers are articulating.

It is not clear if the hackers tried to prove that PAGCOR had failed to add more people to the self-exclusion list because of being, as they described the regulator, “an enabler of addiction.”

One thing remains true regardless.

At a time when the Philippines is talking a lot about strengthening consumer safeguards, this hacking attack should really raise the question: why does it take a group of alleged criminals to point out the painfully obvious truth – that the country is not taking care of vulnerable gamblers.