Connect with us

Hi, what are you looking for?


Data Breaches

500,000 Impacted by Ohio Lottery Ransomware Attack

The Ohio Lottery cyberattack conducted by the DragonForce ransomware group has impacted more than 500,000 individuals.

The Ohio Lottery cyberattack conducted last year by a ransomware group has impacted more than half a million individuals, the lottery said this week.

The incident came to light in late December 2023, after the Ohio Lottery announced shutting down some systems in an effort to contain the breach. 

At around the same time, a seemingly new ransomware group named DragonForce took credit for the attack.  

The hackers have since made available more than 90 Gb of files (in .bak backup format) allegedly stolen from the Ohio Lottery. They claim to have obtained more than 1.5 million records of employee and player information, including names, email and postal addresses, winnings, dates of birth, and social security numbers.  

It’s worth noting that the ransomware group initially claimed to have stolen 3 million records.

The Ohio Lottery told the Maine Attorney General on Thursday that roughly 538,000 individuals are impacted. The report sent to the AG and the letter sent to impacted individuals confirms that full names and social security numbers have been compromised.

The organization says it has no evidence that the stolen information has been or will be misused, but it has decided to offer free credit monitoring and identity theft protection services to impacted individuals. 

The DragonForce leak website currently names more than 40 victims from around the world. 

Cyble reported recently that it had found a DragonForce ransomware binary based on LockBit Black ransomware, suggesting that DragonForce used a leaked LockBit Black builder to generate its binary. 

Advertisement. Scroll to continue reading.

Related: City of Wichita Shuts Down Network Following Ransomware Attack

Related: Brandywine Realty Trust Hit by Ransomware 

Related: LockBit Takes Credit for City of Wichita Ransomware Attack

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.


Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.


People on the Move

SaaS security company AppOmni has hired Joel Wallenstrom as its General Manager.

FTI Consulting has appointed Brett Callow as Managing Director in its Cybersecurity & Data Privacy Communications practice.

Mobile security firm Zimperium has welcomed David Natker as its VP of Global Partners and Alliances.

More People On The Move

Expert Insights