Exclusive: Aussie lottery broker confirms cyber attack

Australian online lottery ticket vendor TheLotter has confirmed cyber attack claims made by a threat actor earlier this month.

TheLotter is a “worldwide online lottery ticket purchasing and courier service” that allows people to participate in lotteries from around the globe.

On Friday, 11 April, a threat actor going by the name “Ponce” listed TheLotter Australia on a popular hacking forum, claiming to have exfiltrated data belonging to 201,617 customers.

You’re out of free articles for this month

Username or Email

Password Forgot password?

Keep me signed in on this device.

First Name

Last Name

Mobile

Organisation Type

By becoming a member, I agree to receive information and promotional messages from Cyber Daily. I can opt out of these communications at any time. For more information, please visit our Privacy Statement.

Need help signing up? Visit the Help Centre.

According to the listing, compromised data includes first names, last names, addresses, order dates, IP addresses, and “status.”

Cyber Daily has been unable to access the listing due to the hacking forum suffering an outage.

However, responding to Cyber Daily’s request for comment, TheLotter confirmed that a cyber incident had occurred.

“As part of our commitment to transparency and customer trust, I can confirm that the incident involved a limited leak of internal game logs used by our audit systems,” a company spokesperson told Cyber Daily.

VIEW ALL

“Importantly, there was no breach of our production database, and no sensitive information such as passwords, payment details, phone numbers, or email addresses was accessed or published.”

Cyber Daily has asked TheLotter whether the data the threat actor claimed to have stolen was affected and is awaiting a response.

“Following our internal investigation, we immediately notified the affected customers and are actively assisting them with guidance on how to take proactive steps to further enhance the security of their accounts,” said the spokesperson.

“We take these matters very seriously and continue to invest in strengthening our infrastructure, improving internal safeguards, and ensuring full compliance with our regulatory obligations.”

While lotteries and similar gambling companies are often used by scammers as a mask, this is not the first time one has fallen to a cyber incident.

The DragonForce ransomware group listed New Zealand-based EvoEvents on its dark web leak site on 8 June 2024.

The threat group added that it had allegedly exfiltrated 6.14 gigabytes of data, but it did not provide any details as to what the data was.

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

You need to be a member to post comments. Become a member for free today!

newsletter

Be the first to hear the latest developments in the cyber industry.

Exclusive: Aussie lottery broker confirms cyber attack

Daniel Croft

OUR PLATFORMS AND BRANDS

EVENTS AND SUMMITS

PODCASTS

LEARNING AND EDUCATION

MOMENTUM MARKETS NETWORK

LINKS

STAY CONNECTED