"pwned"? Beware of data theft!

Swisslos has noticed that there have been systematic login attempts on www.swisslos.ch recently. It is suspected that the corresponding login data was misused in the past by data theft on various non-Swisslos websites. This type of data theft is called "pwned".

What does the term "pwned" stand for?

"pwned" is a cybercrime term. It means that hackers crack company databases in order to obtain access data such as e-mail addresses, telephone numbers and passwords. Data collected in this way is then used for random login attempts on other websites, where, if successful, criminal acts are carried out. This is exactly what Swisslos has discovered in the recent past. It is important to note that Swisslos has not been the victim of theft, but that stolen data has been used for login attempts at Swisslos.

Assess the danger correctly

It is important to know that a stolen combination of password with e-mail address or user name may already be several years old and is therefore no longer up to date, because it is no longer used anywhere for logging in. The danger of being able to log in anywhere at all with such a combination must therefore be put into perspective. Nevertheless, caution is advised because there is always a basic risk - you rarely really know all the logins you have ever used.

How can you protect yourself?

Ideally, you should never use the same password on multiple websites. You should also change your password as often as possible.

How does Swisslos protect its customers?

  • Swisslos constantly monitors its systems. If unusual movements or actions are detected, technical measures can be taken.
  • After multiple incorrect entries, an account is temporarily blocked and can only be unlocked if a new password has been set. This in turn is only possible if one has access to the e-mail box.

How do I find out if I am affected?

In most countries there is a reporting obligation for hacked companies. If a hacked company discloses what information has been stolen, it will be recorded in the database of the website www.haveibeenpwned.com. There you have the possibility to enter your e-mail address and find out if your data was included in a reported data theft. The matching process is risk-free, as you only enter your email address for verification.

Log in to your Swisslos gaming account and change your password. Choose a password that you don't use anywhere else or use a secure password generator. There are various reliable apps for this purpose. In principle, we recommend using different passwords for different services on the Internet and changing them regularly.

Choose secure passwords!

Follow some simple and effective password rules to be better protected:

  • Use unique passwords (never use a single password in more than one place).
  • Choose combinations of upper and lower case letters, numbers and special characters for your passwords
  • Do not choose passwords that are related to your person or your family (e.g. names, birth dates, etc.)
  • Use long passwords with at least 12 characters. Each character increases security
  • Do not choose words that are in dictionaries
  • Change your passwords regularly