The B.C. Lottery Corporation is urging people who use its online gaming platform to change their passwords amid cybersecurity concerns.
The Crown corporation issued the appeal after malicious actors targeted its PlayNow.com website with an attempt to use passwords stolen from other companies’ websites.
The BCLC operates PlayNow.com in B.C., Manitoba and Saskatchewan.
In a message to users, the BCLC said it spotted an unusual surge in traffic to the website on July 24, which it later determined to be the result of “credential stuffing.”
That’s a cybercrime technique in which attackers try to use email addresses and passwords stolen elsewhere in the hopes that their targets use the same login credentials on multiple sites.
BCLC president and CEO Pat Davis said there was “no evidence” its systems were compromised or that login information was stolen from its website, but called the incident a “cautionary tale” for people with multiple online accounts.
The BCLC said a “small percentage” of its userbase was affected, and that it immediately locked impacted accounts.
It added that it has reported the incident to RCMP, as well as regulators and privacy officials in B.C., Manitoba and Saskatchewan.
While an investigation remains ongoing, the BCLC says users should change their passwords and ensure they are unique from logins used on other websites.