Ohio lottery hit by serious ransomware attack forcing some system shutdowns

Ransomware attack on a computer
(Image credit: Kaspersky)

The Ohio Lottery apperas to have suffered a ransomware attack which forced it to shut some of its systems down and also allegedly lost sensitive data on millions of its users. 

On December 24, the company issued a press release claiming to have suffered a “cybersecurity incident” that resulted in the shutdown of “some of its internal applications”. 

An investigation is already underway, but the gaming system remains “fully operational”, the company confirmed.

Selling the access

However, mobile cashing, as well as prize cashing above $599 at Super Retailers, are currently not available. “The Lottery will notify the public once these services resume. In the interim, prize claims can still be mailed to the Ohio Lottery Central Office,” the press announcement reads. 

What’s more, winning numbers for KENO, Lucky One, and EZPLAY Progressive Jackpots are also not available on the company website or mobile app. Users can check the results at any Ohio Lottery Retailer, the company said.

The company did not share any details about the threat actors, their methods, or demands, but BleepingComputer has. In its writeup, the publication says DragonForce has claimed responsibility for the attack. This is a relatively new and unknown entrant in the ransomware space.

"More than 3,000,000+ entries, first name, last name, mail, addresses, winning amounts! SSN + DOB records of employees and players,” the group was cited as saying on a dark web page. “The total weight of the leak when unpacked is about 600+ gigabytes." 

For hackers, stealing sensitive identity data from a lottery company is the same as hitting the jackpot (pun definitely intended). Personal data is often used for phishing attacks. These emails typically carry a sense of urgency, which can deter victims from thinking things through before acting. Ohio Lottery players should exercise caution when receiving email messages claiming they have won a grand prize.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.