Welcome to this week’s edition of ONSEC iGaming Weekly. The past few days underscored how fragile the sector’s digital backbone remains: from state-run lotteries in Europe to regulators in Asia and even affiliate ecosystems worldwide, breaches are no longer isolated IT problems but systemic risks shaping compliance, marketing, and player trust. Whether it’s customer banking data leaking through subcontractors, restricted-person databases slipping into the wild, or SEO campaigns hijacking traffic, the message is clear — every link in the iGaming value chain is now a potential attack surface.
Trends & Analytics
- African iGaming Alliance names first CEO — Sept 10, 2025 – eSports Insider. Peter Kesitilwe, former head of Botswana’s gambling authority, was appointed CEO of the African iGaming Alliance (AIA). AIA, initiated by BetPawa, Betway, 888Africa, and SportyBet, aims to foster ethical, regulated growth across Africa’s online betting markets. Source: Esports Insider
- Germany’s iGaming future under scrutiny — Sept 10, 2025 – iGamingBusiness. New reforms under Germany’s State Treaty on Gaming (GlüStV) are raising questions about future growth. While platforms like Wildz Casino continue to perform well, restrictive regulations pose potential growth barriers. Source: iGB
- New iGaming consultancy launched in Isle of Man — Sept 9, 2025 – iGaming Today. A consultancy aimed at helping operators secure cost-effective gambling licenses in the Isle of Man has debuted, reflecting rising demand for efficient entry into regulated markets. Source: igamingtoday.com
- Smart regulation directory unveiled by SOFTSWISS — Sept 10, 2025 – iGaming Future. The SOFTSWISS Gambling Regulation Directory offers an interactive, jurisdiction-by-jurisdiction overview of global iGaming laws—helpful for operators navigating complex licensing landscapes. Source: iGamingFuture
Law & Regulation
- Philippines regulator backs stricter iGaming oversight — Sept 8, 2025 – iGamingBusiness. The country’s gaming regulator reaffirmed support for increased oversight—ruling out an outright ban—and encouraged responsible compliance as the best path forward for consumer protection. Source: iGB
- SOFTSWISS unveils Global Gambling Regulation Directory — Sept 10, 2025 – iGamingFuture. The tech provider launched an interactive tool mapping iGaming laws across jurisdictions, helping operators navigate compliance requirements and identify market opportunities. The directory is positioned as a global resource for compliance teams. Source: IGaming Business
- IMGL Autumn Conference Highlights Regulatory Debate (Lisbon)– Regulatory discourse intensified as global legal experts convened at the IMGL Autumn Conference in Lisbon. Industry voices, including Marek Plota, discussed the future of cross-border regulation, compliance harmonization, and best practices—setting the tone for global legal coordination. Source: iGaming Express
- Germany’s GlüStV Gains Political Scrutiny at Reform Summit– At a high-profile reform summit, UK regulators came under fire—but Germany’s GlüStV (State Treaty on Gambling) also drew attention for its stringent restrictions that could stifle innovation. Analysts questioned whether Germany’s tight online gaming rules might limit market growth and competitiveness. Source: Talksport
Hacks & Data Breaches
- Luxembourg National Lottery sports-betting platform breach — Sept 5 — RTL Today & LuxTimes. A subcontractor running loteriesport.lu was hacked, exposing sports-betting customers’ names, addresses, phone numbers, bank details, and transaction records (passwords/cards not affected). CNPD and impacted users were notified. Source: LuxTimes
- PAGCOR “restricted persons” database leak — Sept 4 (ongoing fallout) — Philstar & PNA. The Philippines gambling regulator confirmed a leak of its National Database of Restricted Persons (reports cite ~500k entries), sparking privacy and enforcement concerns across APAC markets; PAGCOR says the list is not of “addicted gamblers.” Source: Philstar
- Chess.com disclosure — Sept 4/5 — BleepingComputer & The Record. Breach notices filed in US states revealed 4,541 users affected via a third-party file-transfer tool (no passwords/payments). Not iGaming, but relevant scale/third-party risk for game platforms used in cross-promo and affiliate funnels. BleepingComputer
- Bragg Gaming confirms internal cyber incident — Aug 18 & noted this week – TechRadar & iGamingExpert. The B2B provider suffered an internal systems breach. No customer or personal data was compromised, and operations remain unaffected, though the incident highlights ongoing iGaming supply-chain risks. Source: TechRadar
Final words
As these incidents show, iGaming operators are exposed not only through their own platforms but through regulators, vendors, and even marketing channels that sit beyond their direct control. The challenge is no longer just defending the casino floor — it’s securing the entire digital ecosystem around it. Staying ahead means auditing partners as rigorously as core systems, monitoring unconventional attack vectors, and treating compliance data with the same care as player wallets. In today’s threat landscape, resilience is measured by how well you guard the weakest link.
Stay secure with ONSEC.
Leave a comment