The Ohio Lottery confirmed it was forced to shut down several key systems to contain a cyber hit that affected how it pays out some prizes.
If you’ve recently won money from the Ohio Lottery, a state lottery run by the Ohio Lottery Commission, but cannot currently cash a prize of $600 or more, that’s due to a “cybersecurity issue,” the organization has said.
An attack on Christmas Eve affected an undisclosed number of internal applications, the Ohio Lottery said. The incident is now under investigation, and the lottery is working to restore all impacted services.
Even though the gaming system is still fully operational, the lottery said in a press release that mobile cashing and prize cashing above $599 are currently unavailable.
Prizes over $600 may be mailed to the Ohio Lottery Central Office or claimed using the digital claim form.
“Upon learning of the issue, we took precautionary steps to protect our environment, including disconnecting key systems to contain the issue. The integrity of our games is the top priority of the Lottery, and we assure the public the gaming system is fully operational,” said the lottery.
It added that winning numbers and the next jackpot for all draw games are updated as soon as the drawing is complete. However, currently the winning numbers for KENO, Lucky One, and the updated EZPLAY® Progressive jackpots are not available.
The attack has already been claimed by the fairly new DragonForce ransomware gang.
The threat actors claim to have encrypted devices and stolen data, including Social Security Numbers and dates of birth. The allegedly stolen files contain information belonging to Ohio Lottery customers and employees.
"More than 3,000,000+ entries, first name, last name, mail, addresses, winning amounts! SSN + DOB records of employees and players. The total weight of the leak when unpacked is about 600+ gigabytes," the gang said.
DragonForce is still quite mysterious at this point. However, DragonForce seems to be a pro-Palestinian hacktivist group located in Malaysia, operating in the vein of Anonymous and seeking political goals.
Analysts say the gang relies on unsophisticated and publicly available attack tools such as Hammer and DDoS-Ripper. It has a website and a forum, which has grown to 13,000 members and over 11,000 discussion threads.
Your email address will not be published. Required fields are markedmarked