Dear PokerStars Game Integrity Team: Please Explain Yourselves

By Eddie Harari
May 09, 2016

Almost every activity we perform in our day-to-day lives involves some kind of risk analysis process. This, of course, includes playing online poker, which I have analyzed here at Cardplayer Lifestyle in the past. We can analyze a risk as long as we have valid data to analyze it.

cyber security

In what made poker headlines a few days ago, but only ever so briefly, PokerStars refunded thousands of dollars to numerous Spin & Go players. The refund was issued to players who participated in games where others were “in violation of our Terms of Service”, as per an email sent by the PokerStars Game Integrity Team. Notably, however, the email simply mentioned that they became aware of an incident, but no specifics are revealed.


When someone decides to play online poker at PokerStars, there’s an assumption that all gameplay is fair and that PokerStars does everything possible to protect the integrity of the game. In other words, every PokerStars customer performs a risk analysis before he/she goes ahead and risks money by playing on their online poker software.

Why Are Security Breach Details Important?

By their own admission, PokerStars discovered a leak in their security system. They admit in their email that gameplay was compromised, and therefore refunded money to all players who may have been affected. While this is commendable, and certainly the right thing to do, I believe that the fact PokerStars has not fully disclosed the details of the incident is a very big problem, for three important reasons:

  1. Customers have not been made aware of the duration of the security breach.
  2. Customers cannot possibly know if the breach has been fixed (i.e., that it was fixed and will not happen again).
  3. Customers cannot check whether they have been refunded the proper amount.

In my opinion, without full clarity regarding the three above-mentioned issues, a customer cannot have enough information to decide whether or not they ought to continue playing on PokerStars’ software.

Once again, the fact that the PokerStars Game Integrity Team disclosed to customers that there was problem in the first place is praiseworthy. Yet, stating: “We regret that we will be unable to answer questions as to how your specific credit amount was calculated. Likewise, we are not at liberty to identify the specific games or player(s) in question. Suffice to say that the offender(s) have been barred from the site and you will not encounter them again” violates a customer’s trust, in my opinion.

When PokerStars customers have real money at risk while playing, full disclosure regarding security breaches is a must; down to the last detail.



Sign up
Eddie Harari
Written By.

Eddie Harari

Eddie Harari has been a cyber security expert and a hacker for over 30 years. He has done private consultant work for a number of governments as well as multinational companies. He has published numerous articles in professional journals and given talks in security conferences around the world. View Eddie’s full credentials on Linkedin.



Stating the obvious

The e-mails you’re talking about concern collusion by players and have nothing whatsoever to do “a leak in their security system”.

Colluders have privacy rights too BY LAW, so you will not be told their identities.

Join The Discussion

Latest Post


Mixed Game Festival VIII

Pokercoaching All Access

WPTGlobal Welcome Offer

Don’t miss our top stories, exclusive offers and giveaways!