Wisconsin Man Hacks Online Sports Betting Accounts

A Wisconsin man has been charged for his role in a plot to hack thousands of online sports betting accounts, and the case is already generating plenty of ripple effects throughout the industry.

This ordeal is problematic for a bunch of reasons—many of them painfully obvious. Account hackings and overall identity theft are endemic to today's society. All around the globe, we're increasingly reliant on technology and the internet. In many ways, life is made more convenient by this shift. Nevertheless, this news is a good reminder of the risks involved when conducting so much business and so many transactions online.

On a smaller scale, uncovering this plot raises concerns among supporters holding out hope for online sports betting in Wisconsin.

The state has already legalized in-person sports betting. However, they've been reluctant to add mobile wagering to the fold. Opponents have mostly spotlighted concerns about underage gambling and driving revenue toward out-of-state companies. The attempt to hack—and then potentially sell—information from thousands of online sports betting accounts is no doubt going to be a sticking point, as well.

What exactly happened in this case? And could there be any ramifications for Wisconsin sports betting, either now or sometime down the line? Read on to find out.

This Was Not a Hack Exclusive to Wisconsin Sports Betting

Details of the charges filed in this case have been fudged. While the defendant is from Wisconsin, they were not just trying to take control of Wisconsin sports betting accounts. This was a plot that could have impacted bettors all across the United States. Here's more from a report by Kerry Breen of CBS News:

"The man charged in the case, Joseph Garrison, 18, surrendered Thursday in New York City. Garrison has been charged with conspiracy to commit computer intrusions, unauthorized access to a protected computer, unauthorized access to a protected computer to further intended fraud, wire fraud conspiracy, wire fraud, and aggravated identity theft. According to the complaint, Garrison launched what's called a 'credential stuffing' attack" on the unnamed betting website. During such an attack, the hacker collects stolen usernames and passwords, typically obtained from large-scale data breaches. Those credentials are then systematically used to access accounts.

"Garrison and others, who the complaint does not name, allegedly accessed 60,000 accounts on the betting site in November 2022. In some cases, Garrison and the other parties were able to add a new payment method to the account, and then withdraw existing funds in the account and credit them to that payment method. Using this method, Garrison and the others stole about $600,000 from 1,600 accounts."

Authorities have still not released the name of the online betting site hacked by Garrison and his accomplices. It also isn't immediately clear whether the attack was targeted to a specific state or section of the country or if it was more of an at-large hack. The latter seems more likely given what has been uncovered by police. Their findings also suggest the attack could have been much worse.

When police in Madison, Wisconsin raided Garrison's home, they discovered "nearly 40 million username and password pairs" on his computer, in addition to "hundreds of configuration files for different corporate websites." Upon being questioned, Garrison reportedly admitted to being involved with other credential stuffing schemes in the past.

Will This Case Have an Adverse Impact on Wisconsin's View of Online Sports Betting?

While this massive credential stuffing scheme from a local resident isn't going to help the future of online sports betting in Wisconsin, it's probably not going to leave much of a dent in the subject one way or the other. The demand for Wisconsin online sports betting is on the rise among residents and certain lawmakers. That's not going to change. The financial benefits of legalizing online sports betting in Wisconsin are too lucrative.

Even opponents of it have routinely admitted as much. It still feels like a matter of time before the state transitions to mobile wagering. Certain experts believe Wisconsin is just waiting for on-site tribal operators to get their bearings and establish a footprint in the market beforehand. This would theoretically make it easier for them to compete with top online sportsbooks in the United States.

If anything, this credential stuffing case will put operators themselves under the microscope. More specifically, their security systems will be brought to the forefront. Bettors want to know their information is safe. That's why many still prefer not to use domestic sportsbooks. Operators abroad are considered to have superior security measures because they've been serving a larger customer base for a long period of time.

Lawmakers inside the United States harp on the safety concerns of gambling offshore, but there are plenty of reputable sites that crack our reviews of the best online sportsbooks. Meanwhile, this widespread hack does nothing to build goodwill within the domestic sports betting market. Whichever company was hacked could face severe decline if and when their name is released. Then again, as CBS News noted, police found configurations for a bunch of different corporate websites on the defendant's computer. There's a chance he had access to even more online sports betting accounts.

For the time being, it's best to treat this as a valuable reminder: Your information is never totally secure. And that makes it more important than ever to carefully, meticulously choose your preferred online sportsbook.

Take a look at this list of the top online sportsbooks so you can find one that works for all of your sports betting needs: