Threat Actor: DragonForce ransomware group | DragonForce ransomware group
Victim: Ohio Lottery | Ohio Lottery
Price: N/A
Exfiltrated Data Type: Personal data (names and Social Security Numbers)
Additional Information:
- The cyberattack targeting the Ohio Lottery resulted in the exposure of personal data belonging to 538,959 individuals.
- Attackers gained access to names or other personal identifiers in combination with Social Security Numbers of the impacted individuals.
- The Ohio Lottery detected unauthorized access to their internal office network on or about December 24, 2023.
- The incident did not impact the gaming network.
- After an extensive forensic investigation and manual document review, it was discovered on April 5, 2024, that certain files containing personal information were subject to unauthorized access.
- Ohio Lottery is providing impacted individuals with free credit monitoring and identity theft protection services through IDX.
- There is no evidence that the stolen information has been abused in fraudulent activities.
- The DragonForce ransomware group claimed responsibility for the attack and the theft of 94GB of data.
- The group published a message on its Tor leak site, stating that they had exported records from the database into a convenient CSV format and offered the opportunity to download full copies of the databases.
- The group mentioned that they had warned Ohio Lottery about the potential consequences but claimed that the organization did not seem concerned.
On Christmas Eve, a cyberattack targeting the Ohio Lottery resulted in the exposure of personal data belonging to 538,959 individuals. The organization is notifying the impacted people.
Attackers gained access to names or other personal identifiers in combination with Social Security Numbers of the impacted individuals.
“On or about December 24, 2023, the Ohio Lottery detected unauthorized access to our internal office network as a result of a cybersecurity incident that resulted in the exposure of the data we maintain. The incident did not impact the gaming network,” reads the notice of data breach sent to the impacted individuals. “After an extensive forensic investigation and our manual document review, we learned on April 5, 2024 that certain files containing your personal information was subject to unauthorized access.”
Ohio Lottery is providing impacted individuals free credit monitoring and identity theft protection services through IDX.
The company added that there is no evidence that the stolen information had been abused in fraudulent activities.
The DragonForce ransomware group claimed responsibility for the attack and the theft of 94GB of data.
“Long negotiations that seem to have led to nothing, about 1.500.000 records that contain (SSN, DOB) Ohio Lottery clients. This is about 12% of the population of the state of Ohio and these are just our conservative estimates.” reads the message published by the group on its Tor leak site. “Especially for your convenience, we have exported records from the database into a convenient CSV format, and you also have the opportunity to download full copies of the databases. Ohio Lottery themselves were warned that people could suffer, which in general apparently does not bother them at all, these are the consequences of negligence.”
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, cybercrime)
Original Source: https://securityaffairs.com/163012/data-breach/ohio-lottery-data-breach.html