The Ohio Lottery has had to close several of its primary systems due to a cyberattack that is impacting how the organization pays out some winnings. At this time, prizes over $600 cannot be cashed from the Ohio Lottery due to this ongoing cybersecurity problem.
On Christmas Eve 2023, an undisclosed number of internal applications at the Ohio Lottery were targeted by cybercriminals, with investigations into the attack currently underway. Despite many services being affected by the digital assault, it’s reported that gaming systems are still fully active. However, functions such as mobile cashing and prize cashing for amounts exceeding $599 are presently disabled.
Stay One Step Ahead of Cyber Threats
If you’re lucky enough to have a prize bigger than $600 awaiting collection, these can still be claimed by mailing or digitally sending forms directly to the Ohio Lottery Central Office. After drawings conclude, the immediate effects on players and fans include the inability to receive updates on KENO, Lucky One, and EZPLAY® Progressive jackpots.
In an unexpected turn of events, a group called DragonForce ransomware gang claimed responsibility for this massive disruption — asserting they used encrypted devices during their intrusion along with stolen data containing sensitive information about customers and employees.
Amongst what DragonForce claims to have illicitly seized includes personal identifying details like social security numbers and dates of birth, which belong not just to clients who’ve engaged with the lottery — but also to people working there. As if this wasn’t disturbing enough news for those involved, potentially damaging leaks comprise names and contact details, including residential & mailing addresses plus known winning sums relevant to more than three million entries — which totals almost 600+ gigabytes when unpacked together in one place.
"Amateurs hack systems, professionals hack people."
-- Bruce Schneier, a renown computer security professional
