The Ohio Lottery was forced to shut down some key systems after a cyberattack affected an undisclosed number of internal applications on Christmas Eve.
While the incident is now under investigation, and the lottery is working to restore all impacted services, its gaming system is still fully operational.
Customers can also check the Ohio Lottery website and mobile app for winning numbers while the incident is being investigated and systems are being brought back online, according to a separate advisory.
They can also cash prizes up to $599 at any Ohio Lottery Retailer location, but those over $600 must be mailed to the Ohio Lottery Central Office or claimed using the digital claim form.
While the state lottery has not linked the incident to any known threat actors or hacking groups, the attack has already been claimed by the newly surfaced DragonForce ransomware gang.
The attackers claim to have encrypted devices and stolen data during the attack, including Social Security Numbers and dates of birth.
A new entry added to the DragonForce data leak site suggests that the allegedly stolen files contain information belonging to Ohio Lottery customers and employees.
Not much is known about the DragonForce ransomware gang, and while they are a new operation, their tactics, negotiation style, and data leak site indicate an experienced extortion group.
With law enforcement disrupting ransomware operations, it would not be surprising if this was a rebrand of a previous gang.
First American takes IT systems offline after cyberattack.
Capital Health Hospitals hit by cyberattack causing IT outages.
Staples confirms cyberattack behind service outages, delivery issues.
Mortgage giant Mr. Cooper says customer data exposed in breach.
Panasonic discloses data breach after December 2022 cyberattack.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 27 Dec 2023 22:15:33 +0000