DraftKings, Inc. Data Breach Lawsuit Investigation

DraftKings, Inc. has reported a security incident that exposed limited personal information for two Massachusetts customers. If you received a notice dated October 2, 2025, you may be entitled to compensation and no-cost identity protection. Request a free, confidential case evaluation today.

Key Details at a Glance

• Company: DraftKings, Inc.
• Industry: Digital sports entertainment and gaming
• Breach disclosed to regulators: October 2, 2025
• Incident discovered: September 2, 2025
• Total individuals affected: 2 (Massachusetts)
• Notice mailed: October 2, 2025

What Happened?

On September 2, 2025, DraftKings detected unauthorized log-in attempts on certain customer accounts. The attacker used stolen credentials obtained from a non-DraftKings source to access DraftKings accounts. The company’s investigation found no evidence of a breach of DraftKings’ internal systems, nor evidence that full payment card data, government ID numbers, or other highly sensitive customer information were accessed.

Information Involved

If your account was affected, the attacker could have viewed:

• Name and address
• Date of birth
• Phone number and email address
• Last four digits of a payment card
• Account balance and prior transaction history
• Date your password was last changed
• Profile photo

Company Response

DraftKings states that it:

• Initiated an internal investigation immediately after discovery
• Forced password resets for potentially affected customers
• Implemented mandatory multi-factor authentication for DK Horse logins
• Added technical safeguards designed to block similar attacks

Protecting Yourself After the DraftKings, Inc. Data Breach

DraftKings recommends the following steps:

• Reset passwords for your DraftKings account and any other site where you use the same or similar credentials. Use strong, unique passwords for every account.
• Monitor statements and credit reports for unfamiliar activity. Free credit reports are available at annualcreditreport.com or by calling 1-877-322-8228.
• Consider a fraud alert or credit freeze with the three nationwide credit bureaus to make unauthorized credit applications more difficult.
• Report suspected identity theft to law enforcement and the Federal Trade Commission (ftc.gov/idtheft).

Legal Options & Free Case Review

Companies that fail to safeguard customer data may be liable for resulting damages. Individuals affected by the DraftKings breach could be entitled to:

• Reimbursement for fraud-related losses
• Costs of credit monitoring and identity restoration
• Statutory damages where allowed by state law

Complete our quick form or call to find out if you qualify.

Company Overview

• Official website: draftkings.com
• Headquarters: 222 Berkeley St, Boston, MA, USA
• Founded: 2012
• Employees: 1,001–5,000
• Ticker: NASDAQ: DKNG
• Industry: Digital Sports Entertainment and Gaming
• LinkedIn: linkedin.com/company/draftkings-inc-
• Wikipedia: DraftKings on Wikipedia

Frequently Asked Questions

What caused the DraftKings, Inc. data breach?

A threat actor used stolen credentials obtained from outside DraftKings to log in to customer accounts on September 2, 2025.

How many people were affected by the DraftKings, Inc. breach?

The company reported the breach to the Massachusetts Attorney General as impacting 2 residents.

Is DraftKings offering free identity-theft protection?

The notice advises customers to change passwords, monitor accounts, and consider credit freezes. No complimentary credit-monitoring service was referenced in the filing.

What personal data was exposed in the DraftKings incident?

Potentially viewed data includes name, address, date of birth, phone number, email, last four digits of a payment card, account balance, transaction history, and profile photo.

Can I sue DraftKings, Inc. for the data breach?

Possibly. State and federal laws allow victims to pursue damages when companies fail to adequately protect personal information. Contact us for a free legal review.