A German security researcher has taken responsibility for breaching the Malta Gaming Authority’s (MGA) systems, claiming to have accessed sensitive information, including operator compliance files and player records. Lilith Wittmann, who identifies as an ethical hacker, made allegations last week on social media that were later removed. She asserted that the material she possesses links the MGA to organized crime in Malta’s gambling industry. On March 17, the MGA acknowledged the security breach and initiated its internal response protocols, emphasizing that it was treating the incident with the utmost seriousness, although it did not provide specific details about the accessed data.
Wittmann publicly confessed to the hack in a tweet on March 20. In her message, she stated, “And yes, we will expose the organised crime enablement schemes you created while presenting yourselves as a 'legitimate public service.'”
In response, the MGA condemned Wittmann's actions, describing them as “unacceptable and incompatible with lawful engagement with public institutions and established governance frameworks.” The authority dismissed her allegations as “unsubstantiated” and reaffirmed its commitment to transparency, due process, and the rule of law. It highlighted that it operates within a solid legal and regulatory framework while fulfilling its duties with integrity and accountability.
Wittmann has previously been involved in ethical hacking within the gambling sector. In March 2025, she exposed a significant player data breach affecting German gaming sites operated by Merkur Gaming, where unsecured APIs allowed access to sensitive information belonging to approximately 800,000 player accounts. At that time, she revealed through her blog that she accessed highly sensitive player data, including banking details and sign-up information, via a GraphQL query. This incident raised concerns about the security measures necessary for operators and their third-party suppliers. The German regulator (GGL) did not impose strict penalties on the impacted companies during that situation. Wittmann also warned that the GGL could be implicated if hackers used the breached information to acquire more player data from the regulator.
