The Ohio Lottery cyber attack on Christmas Eve resulted in the shutdown of certain internal applications. While the exact details of the cybersecurity incident and the compromised systems have not been disclosed, the lottery has assured the public that its gaming system remains fully operational.
“Mobile cashing and prize cashing above $599 at Super Retailers are currently not available,”
“Additionally, winning numbers for KENO, Lucky One, and EZPLAY Progressive Jackpots are not available on our website or mobile app but can be checked at any Ohio Lottery Retailer.”
Ohio lottery press release published on Wednesday.
Ohio Lottery Cybersecurity Incident Partially Cripples Withdrawls
During the ongoing investigation and restoration of systems, customers are advised to visit the Ohio Lottery website and mobile app to obtain winning numbers.
Prizes up to $599 can be claimed at any Ohio Lottery Retailer location, while prizes exceeding $600 must be submitted by mail to the Ohio Lottery Central Office or through the digital claim form.
The Ohio Lottery mobile cashing app and Super Retailer locations are currently unable to process prizes above $599.
“On December 24, 2023, the Ohio Lottery experienced a cybersecurity incident impacting some of its internal applications and immediately began work to mitigate the issue,”
“The state internal investigation is ongoing. We apologize for the inconvenience and are working as quickly as possible to restore all services. “
Ohio lottery press release.
DragonForce Ransomware Gang Claims the Ohio Lottery Cyber Attack
The Ohio Lottery cyber attack has not been officially linked to any specific threat actors or hacking groups by the state. However, a group called DragonForce has claimed responsibility for the attack.
According to the DragonForce ransomware group, they have encrypted devices and stolen data, including Social Security Numbers and dates of birth, during the incident.
The DragonForce gang has added a new entry to their data leak site, suggesting that the stolen files contain information belonging to both Ohio Lottery customers and employees.
They claim that the leaked data consists of over 3 million entries, including names, addresses, winning amounts, and even employee and player records containing Social Security Numbers and dates of birth. The gang estimates that the total size of the leaked data is approximately 600 gigabytes.
Although not much is known about the DragonForce ransomware gang, their tactics, negotiation style, and the existence of a data leak site indicate that they are an experienced cyber extortion group.
It is possible that they may be a rebranded version of a previous cybercriminal gang, considering the increasing efforts by law enforcement to disrupt ransomware operations.