Please note an important security flaw has been found in Ultimate Bet and Absolute Poker software which could allow hackers to access poker players accounts and hole cards in real times. The security flaw lies in the encryption procedure. The flaw was first exposed on a popular Poker Site, and quickly spread around the online poker community.
The Kahnawake Gaming Commision Issued the following Statement:
The Commission has been advised of a security issue concerning the CEREUS poker network used by the Absolute Poker and Ultimate Bet poker sites. The issue concerns the mechanism used by CEREUS for network transmissions having a potential for player data to be improperly accessed under certain specific circumstances.
The Commission is actively reviewing this matter with senior management of Absolute Poker and Ultimate Bet and with its Approved Agents. The Commission will issue a further notice of its findings as soon as this review is completed. The Commission is monitoring immediate measures that are being taken to address the security issue and is advised that a more permanent solution is to be implemented on an urgent basis.
Based on information available at this time, it appears unlikely that player data was actually compromised. However, this possibility will be reviewed further and, if necessary, the Commission will direct that the appropriate remedial actions be taken. Until a solution to the security issue is fully implemented, the Commission recommends that players use caution when accessing the Absolute Poker or Ultimate Bet sites, in particular when using a public network (wired or wireless) or a private wireless network. For further information, please contact the Kahnawake Gaming Commission at
Ultimate Bet issued the following statement on their blog
One hour ago, I learned about an article posted today on Poker Table Ratings (PTR) regarding an issue with the local encryption that we use on the Cereus Poker Network. For those of you not familiar with the issue, PTR was able to crack our local encryption method. I wanted to blog to make sure our players and the poker community know how seriously we take this issue.
I would like to start by reminding everyone that someone would have to have the technical capabilities to crack the encryption method we currently use and they would also have to hack into your local network in order to gain access to sensitive data. We are currently working on implementing a new encryption method and we expect to have it live in a matter of hours.
I would also like to say that I am very embarrassed and upset that this issue was not caught by our internal staff or through the countless audits we’ve been through this year and last year. We’ve invested a great deal of money into all types of security and I am very shocked that this was not identified by us or the many third party auditors we’ve employed.
Needless to say we plan to find new security resources and third parties to help us test this solution and make sure we provide you with the absolute best security that money can buy.
I would also like to thank PTR for identifying this issue and sharing it with us and the poker community.
We will continue to update you on this issue but we will not rest until it is fixed and as I stated earlier, we plan to have this issue resolved within a matter of hours.
Apparently experienced coders believe that the matter will take much more than a couple of hours to fix. In the meantime be aware of this flaw and we will bring you up to date details when we have them.