Hacker Claims Responsibility for Malta Gaming Authority Data Breach

Key Points

• A German ethical hacker, Lilith Wittmann, claimed she breached the Malta Gaming Authority and shared extracted data with the media and authorities.
• She warned any extradition attempt would trigger a full public release of sensitive iGaming-related data.
• The Malta Gaming Authority rejected the claims and called them unproven while reaffirming its regulatory role.

Ethical hacker Lilith Wittmann from Germany claims she successfully penetrated the Malta Gaming Authority computer network. The cybersecurity expert published details on LinkedIn on March 20 before removing the post within hours. She distributed extracted data to journalists and law enforcement agencies across Europe according to her statement. Wittmann accused the gaming regulator of facilitating organised crime operations behind a legitimate government facade. Her findings will supposedly expose significant misconduct that demands public attention and action. The hacker indicated more revelations about the breach would emerge over time. She characterised the information as essential for understanding corruption within Malta’s gambling oversight system.

Threats Over Data Release and Legal Action

Legal action from Malta will trigger an immediate data dump according to Wittmann’s explicit warning. The complete archive of iGaming-related information will become public if extradition proceedings begin. Maltese law prescribes up to a decade in prison for hacking government institutions like the MGA. Wittmann expects German officials to deny any extradition request from their Maltese counterparts. She insists the public deserves access to this information regardless of legal consequences. The hacker demanded no contact until she decides to share additional breach details. Prosecution attempts will only accelerate and expand the release of sensitive regulatory data.

Previous Cyber Activity in the Gambling Sector

This marks Wittmann’s second high-profile attack targeting the European gambling industry’s digital infrastructure. Her successful breach of Merkur’s systems during 2025 caused several offshore gambling platforms to cease operations. Security experts have noted her repeated success in exposing vulnerabilities within the gambling sector networks. Regulatory officials knew about the allegations but categorically denied their accuracy or merit. The authority expressed strong opposition to illegal system access and data theft.

MGA representatives defended their operations as fully compliant with stringent regulatory standards and oversight requirements. The accusations lack any factual basis according to the regulator’s assessment of the situation. Twenty years of transparent governance demonstrate the authority’s commitment to proper regulatory practices. The MGA emphasised its dedication to legal compliance and maintaining stakeholder trust. No third party has confirmed whether Wittmann actually breached MGA systems or obtained any data. Releasing sensitive regulatory information could significantly impact gambling oversight throughout the European Union.