Hackers Hit Jackpot With National Lottery Breach

national lottery hacked camelot cybersecurity
About 26,500 National Lottery accounts have reportedly been compromised. Creative commons / Magnus D

In the U.K., the personal data of thousands of National Lottery players has been compromised after cyber criminals hacked their accounts, according to its operator Camelot.

The company said that it became aware of the security breach on Monday, November 28, and that about 26,500 accounts were compromised.

“We would like to make clear that there has been no unauthorized access to core National Lottery systems or any of our databases, which would affect National Lottery draws or payment of prizes,” Camelot said in a statement.

“In addition, no money has been deposited or withdrawn from affected player accounts.”

Camelot says it is working closely with Britain's National Crime Agency and the National Cyber Security Centre to investigate the incident.

The affected accounts represent only a small proportion of the 9.5 million National Lottery players registered online.

Analysts say that the compromised accounts demonstrate that financial details are not always a hacker’s end game.

“The act of stealing personal information from these accounts but leaving financial credentials untouched…highlights that the motives of the criminals was not immediate financial fraud but highly sought personal identifiable information,” says Chris Hodson, chief information security officer at cybersecurity firm Zscaler.

“The National Lottery has now outlined that no payment details or money were accessed, but that does not lessen the impact of the breach. Confidential data can still be used to build a false customer profile or commit subsequent fraud at scale.”