While identity theft is no joke, we can’t help but notice that the recent Paddy Power breach struck online gamblers. Nearly 650,000 user credentials were stolen, and according to statistics, many of those credentials will also work for those users’ bank accounts and other online accounts.

The aspect of this incident that is the most puzzling is that Paddy Power has known since 2010 that there was a breach. Rather than alerting users, they simply conducted a security audit and updated their technology. Could it be that Paddy Power, the Irish gambling site, gambled on the assumption that the breach would go unnoticed?

Online entities that ask for authentication credentials have a responsibility to their users to keep that information secure. When users place their trust in us, that is no small thing. Robust security is not optional in today’s economy – it is essential.