DragonForce Ransomware Forces Ohio Lottery to Shut Down: Gaming System Still Operational

Hackers claimed they had stolen the Social Security Numbers of the victims.

The Ohio Lottery faced a significant cyberattack on Christmas Eve, prompting the shutdown of crucial systems associated with undisclosed internal applications.

The hacking group behind the breach is the DragonForce ransomware gang who claims to be accountable.

As investigations are underway, the lottery assures users that its gaming system remains fully operational.

Ohio Lottery Hit By Unexpected Data Breach

DragonForce Ransomware Forces Ohio Lottery to Shut Down: Gaming System Still Operational
A data breach on Christmas Eve has prompted the Ohio Lottery to temporarily close its systems following a confirmed attack from the DragonForce ransomware gang. Alejandro Garay from Unsplash

While the gaming system is intact, certain services have taken a hit. Mobile cashing and prize cashing above $599 at Super Retailers are temporarily unavailable.

Winning numbers for KENO, Lucky One, and EZPLAY Progressive Jackpots are not accessible on the website or mobile app but can be obtained at any Ohio Lottery Retailer.

Customer Guidance During the Investigation

Customers are urged to check the Ohio Lottery website and mobile app for winning numbers during this period.

Prizes up to $599 can be claimed at any Ohio Lottery Retailer, according to WKYC, while those exceeding $600 must be processed through mail to the Ohio Lottery Central Office or via the digital claim form.

"On December 24, 2023, the Ohio Lottery experienced a cybersecurity incident impacting some of its internal applications and immediately began work to mitigate the issue. The state internal investigation is ongoing. We apologize for the inconvenience and are working as quickly as possible to restore all services," the lottery said in a press release.

Ransomware Gang Claims Responsibility

Although the Ohio Lottery refrains from attributing the attack to any specific threat actors, the emerging DragonForce ransomware gang has claimed responsibility.

As per Bleeping Computer, the group claimed to have encrypted devices and accessed sensitive data, including Social Security Numbers and dates of birth of those people who participated in the lottery.

Data Breach Details Unveiled

The DragonForce gang asserts that the compromised files contain information belonging to over 3,000,000 individuals, encompassing names, addresses, emails, winning amounts, Social Security Numbers, and dates of birth. The leaked data, weighing over 600 gigabytes, raises concerns about the magnitude of the breach.

DragonForce: A New Player in the Ransomware Arena

While the DragonForce gang is relatively new, their tactics and data leak site suggest a seasoned extortion group. With law enforcement intensifying efforts against ransomware operations, the emergence of new groups like DragonForce raises questions about potential rebranding within the threat landscape.

In an overseas report, the official Facebook page of the Philippines lottery system had been hacked by unknown hackers. At that time, witnesses said that the culprit had been spamming the page with nude photos.

Because of this, the Philippine Charity Sweepstakes Office or PCSO shut down the page for some time as the investigation from the Cybercrime Investigation and Coordinating Center (CICC) continued.

Joseph Henry
Tech Times
ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics