Cyberattack Hits Ohio Lottery on Christmas Eve – DragonForce Ransomware Claims Responsibility
On Christmas Eve, the Ohio Lottery fell victim to a cyberattack, prompting the shutdown of crucial systems. While an investigation is underway, the lottery is diligently restoring impacted services, ensuring its gaming system remains fully operational. The incident, claimed by the emerging DragonForce ransomware gang, has left certain services temporarily unavailable, leading to disruptions in prize cashing and information availability.
Impact on Services
The cyberattack has temporarily affected mobile and prize cashing at Super Retailers, with winning numbers for KENO, Lucky One, and EZPLAY Progressive Jackpots unavailable on the website and mobile app. Despite this, the Ohio Lottery’s gaming system remains functional, allowing customers to check winning numbers at retail locations.
Customers are advised to check winning numbers through retail locations, the Ohio Lottery website, or mobile app. Prize cashing up to $599 can be done at any retailer, while amounts exceeding $600 must be processed through mail or the digital claim form. Unfortunately, the mobile cashing app and Super Retailer locations are unable to cash prizes above $599 at the moment.
The Ohio Lottery acknowledged the cybersecurity incident on December 24, 2023, initiating immediate measures to mitigate the issue. While the state’s internal investigation is ongoing, the lottery apologizes for any inconvenience and is actively working to restore all services.
The attack has been claimed by the recently surfaced DragonForce ransomware gang. Their assertion suggests the encryption of devices and theft of data, including sensitive information like Social Security Numbers and dates of birth. The gang has already posted a portion of the allegedly stolen data on their leak site, emphasizing its substantial volume.
DragonForce claims to have obtained data from over 3,000,000 entries, comprising first names, last names, email addresses, physical addresses, and winning amounts. The leaked data reportedly includes Social Security Numbers and dates of birth for both employees and players, totaling approximately 600+ gigabytes when unpacked.
As the Ohio Lottery navigates the aftermath of this cyberattack, customers are urged to stay informed through official channels. The incident underscores the evolving threat landscape, with emerging ransomware gangs like DragonForce showcasing sophisticated tactics. The state’s commitment to investigating the incident aligns with broader efforts to combat cyber threats in an increasingly digital age.