Malware
Massive Ohio Lottery Ransomware Attack: Shocking Impact on Over 538,000 Individuals
The Ohio Lottery experienced a ransomware attack, compromising the personal information of over 538,000 individuals. The cybercriminals behind the attack demanded a ransom of 50 bitcoin, which the Lottery refused to pay. The affected data includes names, addresses, social security numbers, and birth dates of past winners and employees.
Imagine waking up on Christmas Eve to find out that your personal information has been compromised in a cyberattack. That’s precisely what happened to over 538,000 individuals when the Ohio Lottery experienced a data breach on December 24, 2023.
In a filing with the Office of Maine’s Attorney General, it was revealed that the attackers gained access to names, Social Security numbers, and other personal identifiers. Thankfully, the Ohio Lottery assured that the gaming network was not affected by the incident.
Even though no evidence of fraud using the stolen information was found, the Ohio Lottery provided free credit monitoring and identity theft protection services to all potentially impacted individuals, just to be on the safe side.
DragonForce Ransomware Gang Claims Responsibility
While the Ohio Lottery didn’t disclose the nature of the incident, the DragonForce ransomware gang claimed responsibility for the attack a few days later. The group stated that they encrypted devices and stole documents belonging to both customers and employees of the Ohio Lottery.
On December 27, the ransomware group mentioned on their dark web leak site that they had stolen over 3 million records. After negotiations failed, the gang leaked four .bak archives and multiple CSV files on January 22, allegedly taken from the Ohio Lottery’s systems.
According to DragonForce, the 94 GB of leaked data contains 1.5 million records with Ohio Lottery clients’ names, Social Security numbers, and dates of birth.
DragonForce ransomware seems to be a relatively new operation, having exposed its first victim in December 2023. However, their tactics, negotiation style, and data leak site suggest that they are an experienced extortion group. With nearly four dozen victims listed on their leak site and law enforcement disrupting many ransomware operations recently, it’s possible that this group is a rebrand of a previously known gang.
DragonForce ransomware also claimed responsibility for a cyberattack that impacted Japanese probiotic beverage manufacturer Yakult’s IT systems in Australia and New Zealand in mid-December. Yakult disclosed the attack after the ransomware gang leaked what it claimed to be 95 GB of data stolen from the company’s compromised servers.
Don’t Let This Happen to You
Cyberattacks are becoming more and more sophisticated, and the stakes are higher than ever. With personal information at risk, it’s crucial to stay informed and take proactive steps to protect yourself and your data.
We’re here to help. Our IT Services can assist you in staying up-to-date with the latest cybersecurity threats, providing guidance on how to safeguard your information and helping you navigate the ever-changing digital landscape.
Contact us today to learn more about how we can help you stay secure in this increasingly interconnected world. And don’t forget to keep coming back for the latest cybersecurity news and updates.