A significant breach
The DragonForce ransomware group has claimed responsibility for the Christmas Eve cyberattack on the Ohio Lottery. The infiltrators allegedly gained access to over three million records including names, addresses, winnings, dates of birth, and Social Security numbers of players and employees.
DragonForce sought a ransom within three days
It appears that DragonForce sought a ransom within three days in return for decrypting files and deleting all of the stolen data. The group suggested in a public statement on December 27th that the lottery wasn’t playing ball at the time, saying: “apparently they do not value their customers and employees at all.”
Aftermath of the attack
The breach took place on December 24 and the lottery immediately took steps to try to combat the attack, including taking certain systems offline and bringing cybersecurity experts on board to investigate the damage.
will inform people as soon as possible if their data was compromised
The Ohio Lottery has not confirmed that the attackers accessed customer or employee data. It explained that the investigation is continuing and it will inform people as soon as possible if their data was compromised. The lottery also said that it would help individuals with credit monitoring in the case of any leaks.
While the cyberattack did not prevent people from buying tickets for the main lottery draw, certain games and draw results are not currently available through the mobile app or website. People who are trying to claim prizes worth $600 or more will have to mail their tickets to the Ohio Lottery Central Office or use a digital claim form to get their winnings. Only sums lower than $600 are currently cashable through “Super Retailer” stores or through the app.
A growing concern
Instances of ransomware attacks are on the rise, with many significant attacks taking place in 2023. Little details are known about the DragonForce gang; the group also claims to have hacked more than 20 other entities since the beginning of last month.
Numerous high-profile gambling companies have been victims of these types of breaches. Major casino companies Caesars Entertainment and MGM Resorts International both dealt with such attacks. The former paid a $15m ransom, while the latter refused demands and faced major disruption at its Las Vegas properties for weeks.