The Ohio Lottery is sending letters to more than half a million customers saying hackers accessed player data in a breach late last year.
“On or about December 24, 2023, the Ohio Lottery detected unauthorized access to our internal office network as a result of a cybersecurity incident that resulted in the exposure of the data we maintain,” according to the notice.
The lotto took immediate steps to contain the threat and started an investigation, the letter says. While the hack didn’t affect the gaming network itself, a forensic investigation determined that “certain files containing your personal information was subject to unauthorized access,” the personalized letter reads.
The impacted data mostly consists of players’ full names, the letter says. But according to a Bleeping Computer report, the DragonForce ransomware gang, which claimed responsibility for the attack, also obtained Social Security Numbers and dates of birth.
In a filing with the Office of the Maine Attorney General, the Ohio Lottery says 538,959 customers were affected. The ransomware crew claims almost triple that number of leaked customer records.
“We have no evidence that any of your information has been or will be misused as a direct result of this incident,” the letter adds.
However, most data breaches of this scale inevitably end up in a sale on the underground web, where fraudsters are keen to leverage the leaked data in phishing campaigns and other scams.
Bitdefender Scamio is a free scam detector and prevention service for anyone with a Bitdefender account. Suspicious about a certain phone call, email, or SMS? Simply describe the situation to our clever chatbot and let it guide you to safety. You can share with Scamio the exact thing you want to check, such as a screenshot, PDF, QR code, or link. Scamio lets you know in seconds if it’s a sham.
If you’re an Ohio Lottery player, consider using a data monitoring service like Bitdefender Digital Identity Protection. DIP lets you instantly find out if your data has leaked online, what type of information was compromised, what risks you face, and whether your information is up for sale on the dark web.
tags
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
View all postsDecember 24, 2024
December 19, 2024
November 14, 2024