The Ohio Lottery is sending knowledge breach notification letters to over 538,000 people affected by a cyberattack that hit the group’s techniques on Christmas Eve.
A submitting with the Workplace of Maine’s Lawyer Common revealed that the incident impacted 538,959 people. The attackers gained entry to the affected folks’s names, Social Safety numbers, and different private identifiers.
“On or about December 24, 2023, the Ohio Lottery detected unauthorized access to our internal office network as a result of a cybersecurity incident that resulted in the exposure of the data we maintain. The incident did not impact the gaming network,” the Ohio Lottery stated.
“After an extensive forensic investigation and our manual document review, we learned on April 5, 2024 that certain files containing your personal information was subject to unauthorized access.”
Ohio Lottery says that no proof was discovered that the stolen data had been used for fraud. Nonetheless, it offers free credit score monitoring and identification theft safety companies to all doubtlessly impacted people “out of an abundance of caution.”
Breach claimed by DragonForce ransomware
Whereas the Ohio Lottery did not reveal the character of the incident, which affected cell and prize-cashing operations, the DragonForce ransomware gang claimed the assault days later.
The menace actors claimed they encrypted gadgets and stole paperwork belonging to each Ohio Lottery prospects and workers.
An entry added to the ransomware group’s darkish internet leak website on December 27 stated the attackers stole over 3 million data. After negotiations failed, the gang leaked 4 .bak archives and a number of CSV information on January 22, allegedly stolen from Ohio Lottery’s techniques.
DragonForce says the 94 GB of leaked knowledge accommodates only one.500.000 data with Ohio Lottery shoppers’ names, Social Safety numbers, and dates of delivery.
Whereas DragonForce ransomware is a comparatively new operation that uncovered its first sufferer in December 2023, the ways, negotiation model, and knowledge leak website recommend an skilled extortion group.
Since their leak website now lists virtually 4 dozen victims and legislation enforcement has been disrupting many ransomware operations in current months, it would not be shocking if this was a rebrand of a beforehand identified gang.
DragonForce ransomware additionally claimed a cyberattack that impacted Japanese probiotic beverage producer Yakult’s IT techniques in Australia and New Zealand in mid-December.
Yakult disclosed the assault after the ransomware gang leaked what it claimed to be 95 GB of knowledge stolen from the corporate’s compromised servers.