Upon learning of the issue, we took precautionary steps to protect our environment, including disconnecting key systems to contain the issue. The integrity of our games is the top priority of the Lottery, and we assure the public the gaming system is fully operational. We immediately commenced an internal investigation. That investigation is in its early stages and is ongoing.

The Ohio Lottery recently experienced a cybersecurity event affecting our computer systems. Upon learning of the issue, we took precautionary steps to protect our environment, including disconnecting key systems to contain the issue. The integrity of our games is the top priority of the Lottery, and we assure the public the gaming system is fully operational.

We immediately commenced an internal investigation. That investigation is in its early stages and is ongoing.

We are working as quickly as we can to determine the scope and impact of the incident.

We appreciate your understanding as we work through this issue.

1. Is it safe to buy an Ohio Lottery ticket?
   Yes. The cybersecurity incident did not involve the gaming system. It is safe to purchase any Ohio Lottery game.

2. Is the Lottery still cashing prizes?
   Yes. Prizes up to $599 may be cashed at any Ohio Lottery Retailer location.

   Prizes over $600 may be mailed to the Ohio Lottery Central Office or claimed using the digital claim form. To learn more, please visit: https://www.ohiolottery.com/Claiming/HowToClaim.

3. Were any of the game's algorithms affected?
   No. The incident did not involve any Ohio Lottery games or the technology systems on which the Lottery operates.

4. What happened?
   On December 24, 2023, the Ohio Lottery experienced a security incident impacting some of our systems. Immediately upon detecting this activity, the Ohio Lottery took steps to mitigate the threat, including taking certain systems offline. The Ohio Lottery also quickly engaged professionals experienced in handling these types of incidents to assist us with an investigation and to assess the full scope of information impacted. The Ohio Lottery has notified law enforcement.

5. What is the Ohio Lottery doing in light of this incident?
   We are committed to maintaining the privacy of information and integrity of our games. We are investigating to determine how this incident happened and what data may have been impacted. Our investigation is still ongoing. As more information is available, we will provide additional updates.

6. Was employee/customer information impacted?
   We are analyzing our internal systems for any compromise to determine what information was impacted by this incident or is at risk. This investigation is ongoing. We will notify all known impacted individuals as quickly as possible and in accordance with applicable laws. This means that if we learn that your personal information was impacted, we will provide notice in an accepted way.

7. 7. How do I know if my information was involved in this incident?
   We are analyzing our internal systems for any compromise to determine what information was impacted by this incident or is at risk. This investigation is ongoing. We will notify all known affected individuals as quickly as possible and in accordance with applicable laws. This means that if we learn that your personal information was impacted, we will provide notice in an accepted way.

8. Will you be notifying individuals directly of this incident?
   The investigation is ongoing, including identifying specific persons affected and the type of data that was affected. We will notify all known affected individuals as quickly as possible and in accordance with applicable laws. This means that if we learn that your personal information was impacted, we will provide notice consistent with our legal obligations.

9. Will you provide me with credit monitoring services?
   Following the results of the forensic investigation, we will provide appropriate notice, including any appropriate remedies to affected individuals. Given the ongoing investigation, we are not in a position to offer any such services at this time.

10. Does the Ohio Lottery have any reports of actual misuse of Lottery information as a result of this incident?
    The Ohio Lottery is not aware of any misuse or public release of information connected to this incident. We are analyzing our internal systems for any compromise to determine what information was impacted by this incident or is at risk. This investigation is ongoing.

11. How can I check my numbers to see if I won?
    Winning numbers can be checked using the Ohio Lottery website and mobile application or at any Ohio Lottery Retailer.

12. Are the Winning Numbers and Jackpots Up to Date on the Website and Mobile App?
    Winning numbers and the next jackpot for all draw games are updated as soon as the drawing is complete. However, currently the winning numbers for KENO and Lucky One and the updated EZPLAY® Progressive jackpots are not available.

13. Can I use the mobile cashing app or go to a Super Retailer location to cash my prize above $600?
    No, currently the mobile cashing app and our Super Retailer locations are not cashing prizes greater than $599. The Lottery will notify the public once these services resume. In the interim, prize claims can still be mailed to:

    The Ohio Lottery Commission
    The Lausche Building – Room 452
    615 West Superior Avenue
    Cleveland, OH 44113

14. Who can I call for assistance?
    You can contact us phone at (888) 348-3372 or via web here: https://www.ohiolottery.com/Contact-Ohio-Lottery.aspx.

https://ohiolottery.com/security

-----------------

A little-known ransomware gang has claimed responsibility for a cyberattack on the Ohio Lottery that allegedly involved the theft of personally identifiable information.

Officially described as a “cybersecurity event” by Ohio Lottery, the attack occurred on Dec. 24 and affected some systems. The lottery took steps to mitigate the attack, including taking certain systems offline and hiring cybersecurity professionals to assist with an investigation.

Ohio Lottery has neither confirmed nor denied that employee or customer data was impacted, saying only that the investigation is ongoing and that it will notify anyone affected as quickly as possible in compliance with applicable laws.

In an update today, Ohio Lottery told a local media outlet that “while the cybersecurity incident investigation is ongoing, the State wants to reiterate that if any consumer data was compromised, it will take all measures to assist with credit monitoring to protect Ohioans.”

Although tickets for the lottery remain available to purchase, the outward sign of system issues is the lottery restricting sales of some games on its website and mobile app. Additionally, prizes of more than $599 cannot currently be cashed through the mobile app or at “Super Retailer” locations. Winners of prizes worth $600 or more must mail their tickets to the Ohio Lottery Central Office to claim their prize.

That the “cybersecurity incident” remains ongoing and that the lottery took certain systems offline points to a ransomware attack and a new ransomware group has claimed responsibility: DragonForce.

Bleeping Computer reported Wednesday that the DragonForce ransomware gang has claimed on its leaks site that it stole data during the attack. That includes more than 3 million records covering names, addresses, email addresses, winning amounts, Social Security numbers, dates of birth, and records of employees and players. The gang claims that the stolen data totals more than 600 gigabytes.

The notice from the gang references an offer to both decrypt files and delete stolen data, suggesting the gang undertook a double-tap ransomware attack — one where data is both encrypted and stolen to pressure the victim into paying a ransom.

Little is known about DragonForce. It could likely involve a group of hackers who have operated as part of other known ransomware and hacking gangs, such as LockBit, but the group has burst onto the scene with force: Ohio Lottery isn’t its only victim. The group has also attacked Yakult Australia and claims to have hacked two dozen other targets since early December.

https://siliconangle.com/2023/12/28/little-known-ransomware-gang-claims-responsibility-cyberattack-ohio-lottery/