Ohio lottery hit by serious ransomware attack forcing some system shutdowns
It appears the Ohio Lottery suffered a ransomware attack, which forced it to shut down some of its systems and also reportedly lost sensitive data belonging to millions of its users.
On December 24, the company issued a press release claiming to have suffered a “cyber security incident” that resulted in the shutdown of “some of its internal applications.”
An investigation is already underway, but the gaming system remains “fully operational,” the company confirms.
Sell access
However, mobile collection and prices above $599 at Super Retailers are currently unavailable. “The Lottery will notify the public when these services resume. In the meantime, prize claims can still be sent to the Ohio Lottery Central Office,” the news release said.
Additionally, the winning numbers for KENO, Lucky One and EZPLAY Progressive Jackpots are also not available on the company website or mobile app. Users can view the results at any Ohio Lottery Retailer, the company said.
The company did not share details about the threat actors, their methods or requirements BleepingComputer has. In the article, the publication says that DragonForce has claimed responsibility for the attack. This is a relatively new and unknown entrant in the ransomware space.
“Over 3,000,000 entries, first name, last name, email, addresses, winning amounts! SSN + DOB records of employees and players,” the group said on a dark web page. “The total weight of the leak when unpacked is approximately 600+ gigabytes.”
For hackers, stealing sensitive identity information from a lottery company is like winning the jackpot (pun definitely intended). Personal information is often used for phishing attacks. These emails usually carry a sense of urgency, which can prevent victims from thinking carefully before acting. Ohio Lottery players should be cautious when receiving email messages claiming they have won a top prize.