Ohio lottery hit by serious ransomware attack forcing some system shutdowns

News
By published

Hackers hit the jackpot by stealing sensitive data on lottery users

Ransomware attack on a computer
(Image credit: Kaspersky)

The Ohio Lottery apperas to have suffered a ransomware attack which forced it to shut some of its systems down and also allegedly lost sensitive data on millions of its users. 

On December 24, the company issued a press release claiming to have suffered a “cybersecurity incident” that resulted in the shutdown of “some of its internal applications”. 

An investigation is already underway, but the gaming system remains “fully operational”, the company confirmed.

Selling the access

However, mobile cashing, as well as prize cashing above $599 at Super Retailers, are currently not available. “The Lottery will notify the public once these services resume. In the interim, prize claims can still be mailed to the Ohio Lottery Central Office,” the press announcement reads. 

What’s more, winning numbers for KENO, Lucky One, and EZPLAY Progressive Jackpots are also not available on the company website or mobile app. Users can check the results at any Ohio Lottery Retailer, the company said.

The company did not share any details about the threat actors, their methods, or demands, but BleepingComputer has. In its writeup, the publication says DragonForce has claimed responsibility for the attack. This is a relatively new and unknown entrant in the ransomware space.

"More than 3,000,000+ entries, first name, last name, mail, addresses, winning amounts! SSN + DOB records of employees and players,” the group was cited as saying on a dark web page. “The total weight of the leak when unpacked is about 600+ gigabytes." 

For hackers, stealing sensitive identity data from a lottery company is the same as hitting the jackpot (pun definitely intended). Personal data is often used for phishing attacks. These emails typically carry a sense of urgency, which can deter victims from thinking things through before acting. Ohio Lottery players should exercise caution when receiving email messages claiming they have won a grand prize.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Ransomware
Top cannabis brand Stiiizy says hackers got access to its systems
ID theft
Over a million patients potentially hit after another US healthcare provider hit by cyberattack
A group of 7 hackers, 6 slightly blurred in the background and one in the foreground, all wearing black with hoods pulled up over their heads. You cannot see their faces. The hacker in the foreground sits with an open laptop in front of them. The background, behind the hackers, is a Chinese flag
China government-linked hackers caught running a seriously dangerous ransomware scam
ransomware avast
The biggest addiction treatment provider in the US says it was hit by data breach
Ransomware
Lee Enterprises blames cyberattack for encrypting critical systems as US newspaper outages drag on
Code Skull
Blood donation giant warns of issues following ransomware attack
Latest in Security
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
An abstract image of digital security.
Fake file converters are stealing info, pushing ransomware, FBI warns
Latest in News
FiiO FX17 IEMs
Our favorite budget audiophile brand unveils wired earbuds with 26(!) drivers, electrostatic units, USB-C ultra-Hi-Res Audio, and a not-so-budget price
girl using laptop hoping for good luck with her fingers crossed
Windows 11 24H2 seems to be a massive fail – so Microsoft apparently working on 25H2 fills me with hope... and fear
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
ChatGPT Advanced Voice mode on a smartphone.
Talking to ChatGPT just got better, and you don’t need to pay to access the new functionality
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight
Apple Watch Ultra 2 timer
The Apple Watch is getting a sleep alarm upgrade it probably should have had 10 years ago
More about security
Code Skull

Interpol operation arrests 300 suspects linked to African cybercrime rings
An abstract image of a lock against a digital background, denoting cybersecurity.

Critical security flaw in Next.js could spell big trouble for JavaScript users
Logitech Rally Bar Huddle main image

I tested the Logitech Rally Bar Huddle - see what I thought of this smart all-in-one conferencing solution
See more latest
Most Popular
Nintendo Sound Clock: Alarmo
Nintendo Sound Clock: Alarmo gets new update with more customizable features ahead of the Switch 2 Direct
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
FiiO FX17 IEMs
Our favorite budget audiophile brand unveils wired earbuds with 26(!) drivers, electrostatic units, USB-C ultra-Hi-Res Audio, and a not-so-budget price
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
girl using laptop hoping for good luck with her fingers crossed
Windows 11 24H2 seems to be a massive fail – so Microsoft apparently working on 25H2 fills me with hope... and fear
ChatGPT Advanced Voice mode on a smartphone.
Talking to ChatGPT just got better, and you don’t need to pay to access the new functionality
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight
Teenager playing on a gaming PC with two monitors
Samsung's OLED monitors are about to get much cheaper - and it's about time
Apple Watch Ultra 2 timer
The Apple Watch is getting a sleep alarm upgrade it probably should have had 10 years ago
Nikon Z5
The Nikon Z5 II could land soon – here's what to expect from Nikon's rumored entry-level full-frame camera