Ohio Lottery Cyberattack Compromised 538K Customers
Posted on: May 15, 2024, 10:12h.
Last updated on: May 15, 2024, 10:20h.
The Ohio Lottery has admitted that the names and social security numbers of more than 538K customers were compromised in a cyberattack on Christmas Eve last year.
In a regulatory filing, the lottery said it concluded its investigation into the attack on April 5, adding that there was no evidence the stolen data had been misused by any malicious actors. It didn’t attribute the attack to a group or individual.
However, on December 27, a ransomware group calling itself “DragonForce” claimed responsibility for the breach.
Dark Web Data Dump
DragonForce claimed it swiped 3 million records, or 600GB worth of data, 94 GB of which the group said it had made available for download in CSV format on the dark web. It asserted that dates of birth and home addresses are included in the data dump, which appears to contradict the Ohio Lottery’s filing.
The December 24 attack caused significant disruption to the lottery, impacting its mobile cashing app and ability to process online prize claims exceeding $599, although players were still able to buy tickets.
In letters to the victims, the lottery apologized for the incident, adding that it was “committed to maintaining the privacy of personal information in our possession and have taken many precautions to safeguard it.”
“We continually evaluate and modify our practices and internal controls to enhance the security and privacy of your personal information,” it added.
The lottery said it has offered those affected 12 months of credit monitoring and ID theft protection.
What is DragonForce?
DragonForce appears to be a new threat actor, and the Ohio Lottery appears to have been its first victim. DragonForce has gone on to target Coca-Cola in Singapore and Yakult Australia.
In mid-March, the government of Palau, an island nation in the Western Pacific, was hit by a ransomware attack that knocked out its computer servers. DragonForce claimed responsibility, but so did another group, LockBit.
Like many other ransomware groups, DragonForce tries to extort money from its victims by locking companies out of their computers until a ransom is paid. Failing that, it blackmails the company by stealing data, which it threatens to release on the dark web.
DragonForce is apparently unrelated to the Malaysian pro-Palestine hacktivist group of the same name whose attacks against government agencies in the Middle East are motivated by politics and not financial gain.
Related News Articles
MGM vs. Caesars: Cybersecurity Expert Rates Hacking Responses
Ransomware Pay Hit Record $1.1B in 2023, Hackers Hunted ‘Big Game’
Casino del Sol in Tucson Fighting Cyber Attack
Most Popular
Genovese Capo Sentenced for Illegal Gambling on Long Island
NBA Referees Expose Sports Betting Abuse Following Steve Kerr Meltdown
UPDATE: Former Resorts World & MGM Grand Prez Loses Gaming License
VEGAS MYTHS RE-BUSTED: The Traveling Welcome to Las Vegas Sign
Most Commented
-
UPDATE: Whiskey Pete’s Casino Near Las Vegas Closes
December 20, 2024 — 32 Comments— -
Caesars Virginia in Danville Now Accepting Hotel Room Reservations
November 27, 2024 — 9 Comments— -
UPDATE: Former Resorts World & MGM Grand Prez Loses Gaming License
December 19, 2024 — 8 Comments— -
FTC: Casino Resort Fees Must Be Included in Upfront Hotel Rates
December 17, 2024 — 7 Comments—
Last Comment ( 1 )
Ohio hacker bro!!!