The Ohio Lottery was compelled to close down some key techniques after a cyberattack affected an undisclosed variety of inner purposes on Christmas Eve.
Whereas the incident is now underneath investigation, and the lottery is working to revive all impacted companies, its gaming system continues to be absolutely operational.
“Cell cashing and prize cashing above $599 at Tremendous Retailers are at the moment not accessible,” the lottery mentioned in a press launch revealed Wednesday.
“Moreover, profitable numbers for KENO, Fortunate One, and EZPLAY Progressive Jackpots aren’t accessible on our web site or cellular app however might be checked at any Ohio Lottery Retailer.”
Prospects may verify the Ohio Lottery web site and cellular app for profitable numbers whereas the incident is being investigated and techniques are being introduced again on-line, based on a separate advisory.
They’ll additionally money prizes as much as $599 at any Ohio Lottery Retailer location, however these over $600 should be mailed to the Ohio Lottery Central Workplace or claimed utilizing the digital declare type.
The Ohio Lottery cellular cashing app and its Tremendous Retailer places aren’t cashing any prizes above $599.
“On December 24, 2023, the Ohio Lottery skilled a cybersecurity incident impacting a few of its inner purposes and instantly started work to mitigate the problem,” it added.
“The state inner investigation is ongoing. We apologize for the inconvenience and are working as shortly as potential to revive all companies. “
Assault claimed by new ransomware gang
Whereas the state lottery has not linked the incident to any recognized risk actors or hacking teams, the assault has already been claimed by the newly surfaced DragonForce ransomware gang.
The attackers declare to have encrypted gadgets and stolen knowledge throughout the assault, together with Social Safety Numbers and dates of beginning.
A brand new entry added to the DragonForce knowledge leak web site means that the allegedly stolen information include data belonging to Ohio Lottery prospects and staff.
“Greater than 3,000,000+ entries, first identify, final identify, mail, addresses, profitable quantities! SSN + DOB information of staff and gamers. [..] The entire weight of the leak when unpacked is about 600+ gigabytes,” the gang says.
Not a lot is thought in regards to the DragonForce ransomware gang, and whereas they’re a brand new operation, their techniques, negotiation type, and knowledge leak web site point out an skilled extortion group.
With regulation enforcement disrupting ransomware operations, it might not be shocking if this was a rebrand of a earlier gang.