The latest scandal to touch the Absolute Poker / UB network continues to unfold this week, as key players from Cereus stepped up to address player’s concerns.

The story so far: Last week, online poker data site PokerTableRatings announced that they had uncovered a flaw in Cereus’ security that could allow 3rd parties to compromise player accounts, giving hackers access to funds, information and hole card data.

For a full explanation of the flaw, check out the original PTR report.

To date, there are no confirmed cases of this exploit actually being employed. Nevertheless, concern about the weakness – especially in light of past scandals involving UB and AP – spread quickly throughout the poker community, and traffic to the network plummeted accordingly.

Perhaps learning from the mistakes of the past, officials at Cereus were quick to respond to this issue. Paul Leggett, COO of Cereus parent company Tokwiro Enterprises, issued a response to PTR within a few hours, and now additional details of the network’s plan to beef up security have emerged.

Those details have come in the form of a comprehensive FAQ regarding the security issues posted on UB’s website. We’ve excerpted the most vital aspects of the post below:

How can you assure me that the site is secure currently? After we learned of the vulnerability, we immediately began implementing an improved method for encrypting data as it transmits between player’s Clients and our Servers. We released the new and improved method in less than 24 hours after learning about the vulnerability. We consulted a team of hackers in order to help us develop this solution, which includes complicated random keys in combination with MD5 encryption. We have also employed this team of hackers to continually attempt to crack this solution, while we finish our implementation of the Open SSL standard for encrypting data between player’s Clients and our Servers. These hackers have been provided with the exact details of how we currently encrypt the data and we’ve asked them to use that information and attempt to crack the current encryption we are using. So far they have been unsuccessful at cracking the current encryption solution. They have assured us that the methods we are currently using are secure and that it will take enormous amounts of resources and time to try to crack this method even with access to our code. They continue to work on cracking this code but we are confident that no one will be able to hack this solution. We will also plan to release a new version of our software on Friday, May 14th, 2010, that will be based on the Open SSL standard.

Cue the “hackers on UB’s payroll again” jokes in 3… 2 … 1.

Read the full FAQ.

Also forced to blog about the issue: UB mouthpiece Joe Sebok, who is sounding less and less like a fan of UB these days. Is it just us or does he sound like he’s distancing himself from UB in this excerpt?

Whether it is hand-histories, ownership issues, or security ones like the one above, often I am not in a position to directly answer them as I do not work in Costa Rica at the home offices and actually help run the company. I advise, and again, try to serve as a conduit for information to flow through when issues are brought up, but in truth I don’t often have the answers. I wasn’t with UB when many of the negative issues originally happened and thus don’t always know the answers, but I want to be able to put Paul in a position where he can answer them. I am hoping that this will bring more truth into the light and hopefully assuage people’s fears.

… and if it doesn’t sound that way there, it certainly does in the next paragraph, where Sebok references the hand histories from the original UB scandal that he’s still trying to produce for the community:

I always have some frustration at the time that it takes to get things sorted out, as well as the fact that there are some issues on the UB side with retrieving the data occasionally, I’m usually told that are based in the fact that the Cereus network was began not too long ago and much of that data is held elsewhere. I would like Paul to write a blog explaining the issue there as well…

Read the full blog post from Sebok.

Updates as events warrant.

Get regular poker news updates – become a fan of PartTimePoker on Facebook.