DraftKings hit by account takeover attack
Incident
Summary
Hide ▲
Show ▼
The DraftKings customer-account compromise exposed 60,000 accounts through credential stuffing and enabled theft from affected users. Attackers added payment methods under their control to 1,600 accounts, turning account access into direct financial fraud. DraftKings later said 67,995 customer accounts were compromised, indicating the intrusion was broader than the initial disclosure. The incident shows how reused passwords can turn a single-platform login attack into large-scale account takeover and loss.
Related Happenings
Kamerin Stokes sentenced for DraftKings account-selling scheme
Law Enforcement
H score39
First: 17.04.2026 10:10
Last: 17.04.2026 10:10
Sources 1
How related:
Joseph Garrison received an 18-month imprisonment sentence in January 2024, while Kamerin Stokes received a 30-month sentence in April 2026.
About this happening:
**Kamerin Stokes** was **sentenced to 30 months in prison** for selling access to **tens of thousands of hacked DraftKings accounts**, closing a federal **cybercrime** case that a...
Kamerin Stokes sentenced for DraftKings account-selling scheme
Law EnforcementHow related: Joseph Garrison received an 18-month imprisonment sentence in January 2024, while Kamerin Stokes received a 30-month sentence in April 2026.
About this happening: **Kamerin Stokes** was **sentenced to 30 months in prison** for selling access to **tens of thousands of hacked DraftKings accounts**, closing a federal **cybercrime** case that a...
DraftKings hit by network compromise
Incident
H score35
First: 17.04.2026 10:10
Last: 17.04.2026 10:10
Sources 1
About this happening:
**DraftKings** suffered a **credential-stuffing account compromise** that exposed nearly **68,000 accounts** and enabled theft from roughly **1,600 accounts**. Attackers reused cr...
DraftKings hit by network compromise
IncidentAbout this happening: **DraftKings** suffered a **credential-stuffing account compromise** that exposed nearly **68,000 accounts** and enabled theft from roughly **1,600 accounts**. Attackers reused cr...
Fraudulent Google and Bing banking-phishing campaign targeting American citizens
Campaign
H score30
First: 24.12.2025 15:17
Last: 24.12.2025 15:17
Sources 1
About this happening:
A **phishing campaign** using **fraudulent Google and Bing ads** targeted **American citizens** and harvested bank credentials for **account takeover**, causing direct financial h...
Fraudulent Google and Bing banking-phishing campaign targeting American citizens
CampaignAbout this happening: A **phishing campaign** using **fraudulent Google and Bing ads** targeted **American citizens** and harvested bank credentials for **account takeover**, causing direct financial h...
November 2022 betting-website credential-stuffing campaign
Campaign
H score42
First: 15.12.2025 18:45
Last: 15.12.2025 18:45
Sources 1
How related:
In November 2022, DraftKings disclosed that hackers accessed customer accounts through credential stuffing attacks that exploited weak passwords or reused login credentials.
About this happening:
The **November 2022 credential-stuffing campaign** against a **betting platform** compromised **more than 60,000 accounts** and drove about **$600,000** in theft from affected cus...
November 2022 betting-website credential-stuffing campaign
CampaignHow related: In November 2022, DraftKings disclosed that hackers accessed customer accounts through credential stuffing attacks that exploited weak passwords or reused login credentials.
About this happening: The **November 2022 credential-stuffing campaign** against a **betting platform** compromised **more than 60,000 accounts** and drove about **$600,000** in theft from affected cus...
Latest development: 25.06.2026 00:55
Nathan Austad, aka "Snoopy," was sentenced to 18 months in prison for his role in the DraftKings credential-stuffing campaign tied to the November 2022 account takeover. He had pleaded guilty to conspiracy to commit computer intrusion and admitted that he and co-conspirators compromised 60,000 DraftKings user accounts, added payment methods to 1,600 accounts, and stole $600,000.
Large group of crypto thieves campaign expands across multiple victims
Campaign
H score21
First: 19.11.2025 14:13
Last: 19.11.2025 14:13
Sources 1
About this happening:
A **multi-victim social-engineering campaign** that compromised **cryptocurrency accounts** has now been tied to guilty pleas, underscoring the scale of the theft operation and th...
Large group of crypto thieves campaign expands across multiple victims
CampaignAbout this happening: A **multi-victim social-engineering campaign** that compromised **cryptocurrency accounts** has now been tied to guilty pleas, underscoring the scale of the theft operation and th...
Timeline
-
25.06.2026 00:55 2 articles · 1h ago
DraftKings hit by account takeover attack
Initial DisclosureIn **November 2022**, attackers used reused credentials to access DraftKings customer accounts. They then added payment methods to compromised profiles and stole money from affected users.
Show sources
- DraftKings hacker 'Snoopy' sentenced to 18 months in prison — www.bleepingcomputer.com — 25.06.2026 00:55
- DraftKings hacker 'Snoopy' sentenced to 18 months in prison — www.bleepingcomputer.com — 25.06.2026 00:55