Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
MERKUR GAMING

MERKUR GAMING Vendor Cyber Rating & Cyber Score

merkur-gaming.com

Welcome to the MERKUR GAMING experience! Innovation, Passion, Tradition – these are the fundaments on which MERKUR GAMING is built. As the international sales and development brand of adp MERKUR GmbH, MERKUR GAMING is part of the German-based MERKUR GROUP.


MERKUR GAMING A.I CyberSecurity Scoring

MERKUR GAMING
Company Information
Website:http://www.merkur-gaming.com
Employees number:410
Number of followers:15,802
NAICS:7132
Industry Type:Gambling Facilities and Casinos
Homepage:merkur-gaming.com
MERKUR GAMING Risk Score (AI oriented)
Between 650 and 699
logo
MERKUR GAMINGGambling Facilities and Casinos
Updated:
27/03/2026
690/1000
Weak
B
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
MERKUR GAMING Global Score (TPRM)
xxxx
logo
MERKUR GAMINGGambling Facilities and Casinos
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

MERKUR GAMING
MERKUR GAMINGWeak
Current Score
690B (WEAK)
01000
1 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
694Before Incident
JUNE 2026
694Before Incident
MAY 2026
692Before Incident
APRIL 2026
691Before Incident
MARCH 2026
689Before Incident
FEBRUARY 2026
689Before Incident
JANUARY 2026
688Before Incident
DECEMBER 2025
686Before Incident
NOVEMBER 2025
685Before Incident
OCTOBER 2025
683Before Incident
SEPTEMBER 2025
682Before Incident
AUGUST 2025
681Before Incident
FEBRUARY 2025
768Before Incident
Breach
01 Feb 2025MERKUR GAMING
Merkur: Player data leaks: Inside iGaming’s cyber crisis

Surge in Cyberattacks Targeting iGaming Industry

670After Incident
CRITICAL-98
MER1774614662
iGaming Industry Faces Escalating Cyber Threats as Player Data Becomes Prime Target The iGaming sector is grappling with a surge in cyberattacks, exposing vulnerabilities in an industry that handles vast amounts of sensitive player data. Since February 2025, cyber incidents targeting online and land-based casino operators have risen by 400%, signaling a shift from opportunistic attacks to systematic targeting, according to Cris Kuehl, chief data officer at Continent 8 Technologies. The industry’s appeal to cybercriminals lies in its centralized data troves identity documents, payment credentials, behavioral patterns, and geolocation data all stored within single platforms. Unlike fragmented datasets in other sectors, a single breach in iGaming can yield a complete digital profile, enabling identity theft and financial fraud beyond the platform itself. Security maturity has failed to keep pace with the sector’s rapid expansion. While larger operators invest heavily in cybersecurity, smaller operators often treat it as a regulatory checkbox, creating a patchwork ecosystem with weak links. Cultural pressures to prioritize speed over security exacerbate the issue, with leaders deprioritizing controls in favor of rapid market expansion. This "ship now, harden later" mentality, as described by XGENIA CEO Mark Flores Martin, accumulates "security debt," leaving systems vulnerable. Third-party risks further compound the problem. Operators rely on an extensive network of suppliers payment processors, game studios, KYC providers each representing a potential entry point. The 2024 Merkur breach in Germany, traced to a vulnerability in platform provider The Mill Adventure, exposed data from 800,000 users, highlighting the dangers of insecure APIs, overprivileged access, and unpatched software. Regulators, including Germany’s LDI NRW, have flagged insecure APIs as a recurring weakness, enabling attackers to access user data or exploit technical details for deeper infiltration. Credential-based attacks remain a persistent threat. Phishing, password reuse, and stolen credentials allow attackers to bypass defenses without needing to "break in," as Kuehl notes. Multi-factor authentication (MFA) and continuous monitoring could mitigate risks, but adoption remains inconsistent. Detection delays worsen breaches, with prolonged undetected access enabling attackers to escalate privileges and exfiltrate data. Regulatory frameworks like GDPR have improved breach response but fall short in prevention. Enforcement is slow, and the lack of sector-specific cybersecurity standards leaves operators with vague compliance requirements. The EU’s NIS2 Directive may tighten obligations, but fragmented jurisdictions and talent shortages with millions of unfilled cybersecurity roles globally hinder progress. Emerging AI-driven threats pose new challenges. "Agentic AI attacks" can autonomously identify and exploit vulnerabilities at scale, while behavioral analytics and automation offer defensive potential if paired with strong foundational practices. Experts warn that AI amplifies existing weaknesses rather than compensating for them. The stakes extend beyond fines and operational disruptions. Trust, the cornerstone of player relationships, erodes with each breach. Transparency and timely communication are critical, yet many operators treat incidents as PR crises rather than operational failures. Regulators emphasize the need for clear disclosure, even when not legally required, to help users mitigate risks. As regulatory scrutiny intensifies and threats evolve, the iGaming industry’s ability to protect player data will determine its long-term viability. Without treating cybersecurity as a core operational risk, vulnerabilities will persist, leaving the odds of a breach uncertain.
INCIDENT DETAILS -
TYPE
Data BreachCredential-based AttackThird-party Breach
MOTIVATION
Financial FraudIdentity TheftData Exfiltration
IMPACT
Identity DocumentsPayment CredentialsBehavioral PatternsGeolocation DataOperational Impact: Prolonged undetected access enabling privilege escalation and data exfiltrationBrand Reputation Impact: Erosion of trust, treated as PR crises rather than operational failuresIdentity Theft Risk: High, due to complete digital profiles exposed in breachesPayment Information Risk: High, due to payment credentials exposure
DATA BREACH
Identity DocumentsPayment CredentialsBehavioral PatternsGeolocation DataNumber Of Records Exposed: 800,000 (Merkur breach)Sensitivity Of Data: High (complete digital profiles)Data Exfiltration: Enabled by prolonged undetected accessPersonally Identifiable Information: Yes

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for MERKUR GAMING ?
?
What was MERKUR GAMING's A.I Rankiteo Cyber Score in June 2026 ?
?
What was MERKUR GAMING's A.I Rankiteo Cyber Score in May 2026 ?
?
What was MERKUR GAMING's A.I Rankiteo Cyber Score in April 2026 ?
?
What was MERKUR GAMING's A.I Rankiteo Cyber Score in March 2026 ?
?
What was MERKUR GAMING's A.I Rankiteo Cyber Score in February 2026 ?
?
What was MERKUR GAMING's A.I Rankiteo Cyber Score in January 2026 ?
?
What was MERKUR GAMING's A.I Rankiteo Cyber Score in December 2025 ?
?
What was MERKUR GAMING's A.I Rankiteo Cyber Score in November 2025 ?
?
What was MERKUR GAMING's A.I Rankiteo Cyber Score in October 2025 ?
?
What was MERKUR GAMING's A.I Rankiteo Cyber Score in September 2025 ?
?
What was MERKUR GAMING's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on MERKUR GAMING's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with MERKUR GAMING ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view MERKUR GAMING's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?
MERKUR GAMING Cyber Scoring History | Rankiteo