Cyber Incident Victim: Ohio Lottery Commission
Date:
Dec 2023
Location:
United States of America
Summary
The Ohio Lottery experienced a cybersecurity incident impacting certain computer systems, prompting precautionary measures including disconnecting key systems to contain the threat. While the gaming system remained unaffected—ensuring ticket purchases and prize claims under $600 at retailers remain operational—some services were disrupted, including the inability to cash prizes above $599 via mobile apps or Super Retailer locations, requiring mail-in claims instead. The organization engaged external experts and notified law enforcement, with an ongoing investigation to determine the incident's scope, potential compromise of employee or customer data, and specific impacted information types. No misuse of data has been identified, though updates for select game results and jackpots remain temporarily unavailable during system restoration efforts.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 3 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On December 24, 2023, the Ohio Lottery Commission detected a cybersecurity incident affecting portions of its computer systems. The organization responded by taking precautionary containment measures, including disconnecting key systems to isolate the threat. Immediate internal investigation efforts commenced, with external cybersecurity professionals engaged to assist in determining the scope and impact of the breach. Law enforcement authorities were notified as part of standard incident response protocols. The Lottery confirmed its gaming systems remained fully operational throughout the event, maintaining that ticket purchases and game integrity were unaffected. Prize redemption continued for amounts under $600 at retail locations, though claims above this threshold required mail submission to the Central Office due to temporary limitations in digital claim processing capabilities.
The incident caused partial disruption to specific information services, including real-time updates for KENO and Lucky One winning numbers, along with EZPLAY Progressive jackpot displays. Mobile cashing applications and Super Retailer locations temporarily suspended processing for prizes exceeding $599 pending system restoration. Forensic analysis remained ongoing to identify compromised data categories and affected individuals, with no evidence of information misuse reported at the time of disclosure. The Lottery established a dedicated communication channel through its website and telephone support while maintaining prize claim verification functionality via retail locations and digital platforms. Organizational updates emphasized commitment to notifying potentially impacted parties in accordance with legal requirements once the investigation conclusively determines data exposure parameters. System restoration timelines and potential credit monitoring remedies remained undetermined pending completion of the forensic examination.