November 9, 2016 By Rick M Robinson 2 min read

Online fantasy sports gaming is growing by leaps and bounds, along with a host of other online games, such as themed games like World of Warships. For online gamers, that is the good news.

The bad news is that fantasy league security risks are also growing. Players all too readily provide their personal data to startup firms in an emerging but turbulent industry. These firms may be less careful than they should be regarding both the amount and type of personal data they collect.

Casual Fans and Instant Gratification

Online gaming is fundamentally a branch of e-commerce. Game vendors seek to monetize users who are effectively placing bets on real-world players participating in actual sporting events. These transactions involve the same security issues as any other form of e-commerce. Players provide sensitive credit card information and other personal data that could be valuable to marketers. This information needs to be safeguarded.

But two factors distinguish the new generation of fantasy sports and other online gaming from the sort of e-commerce practiced by brick-and-mortar stores. Because the product is virtual, it becomes available as soon as a user signs up. This instant gratification makes users more eager and less careful than when buying a product that needs to be delivered.

The immediacy and casual appeal of these new fantasy sports services also sets them apart from older, rotisserie-style fantasy sports in which players build fantasy teams to compete over a full season. Those leagues appeal most to serious sports fans, while even casual fans can enjoy — and hope to profit from — single-game fantasy sports.

Security challenges apply to any product or service that is immediately available on-demand. Like weak passwords, carelessness with casual products is a fact of life. But there are some more twists that further contribute to fantasy league security risks.

A Turbulent Industry

According to Bloomberg BNA, because new fantasy sports products are essentially sports betting services, they have drawn the interest of cybercriminals aware of the enormous — and often careless — cash flow. Thus, fantasy sports sites are particularly liable to be targeted for attacks.

Adding to this risk is the turbulent nature of the industry. According to ESPN, industry leaders have been bold to excess in their growth plans and are engaged in particularly bitter competition.

This has led to a decline that has temporarily set back the industry, though no one expects something so popular to disappear completely. But a shaky industry of aggressive competitors is all too liable to cut corners on expenses, including security protections. These concerns apply not only to sports games but to other fast-growing forms of casual online gaming where security may be similarly porous.

Managing Fantasy League Security Risks

Fantasy league security risks also apply to firms whose own networks might be compromised if criminals get their hands on employees’ personally identifiable information (PII). Spear phishing email attacks, for example, can exploit data about employees’ fantasy sports activities to trick them into letting their guard down — and letting malicious actors enter corporate networks.

In the long term, it will be in the industry’s own interest to promote security awareness and high security standards, for their customers’ protection and their own.

More from Data Protection

Why safeguarding sensitive data is so crucial

4 min read - A data breach at virtual medical provider Confidant Health lays bare the vast difference between personally identifiable information (PII) on the one hand and sensitive data on the other.The story began when security researcher Jeremiah Fowler discovered an unsecured database containing 5.3 terabytes of exposed data linked to Confidant Health. The company provides addiction recovery help and mental health treatment in Connecticut, Florida, Texas and other states.The breach, first reported by WIRED, involved PII, such as patient names and addresses,…

Addressing growing concerns about cybersecurity in manufacturing

4 min read - Manufacturing has become increasingly reliant on modern technology, including industrial control systems (ICS), Internet of Things (IoT) devices and operational technology (OT). While these innovations boost productivity and streamline operations, they’ve vastly expanded the cyberattack surface.According to the 2024 IBM Cost of a Data Breach report, the average total cost of a data breach in the industrial sector was $5.56 million. This reflects an 18% increase for the sector compared to 2023.Apparently, the data being stored in industrial control systems is…

3 proven use cases for AI in preventative cybersecurity

3 min read - IBM’s Cost of a Data Breach Report 2024 highlights a ground-breaking finding: The application of AI-powered automation in prevention has saved organizations an average of $2.2 million.Enterprises have been using AI for years in detection, investigation and response. However, as attack surfaces expand, security leaders must adopt a more proactive stance.Here are three ways how AI is helping to make that possible:1. Attack surface management: Proactive defense with AIIncreased complexity and interconnectedness are a growing headache for security teams, and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today