Na­tional Lot­tery hacked – change your pass­word now

Teenage hacker Adam Mudd

Computer Active (UK) - - News -

All Na­tional Lot­tery cus­tomers have been urged to change their pass­words af­ter sus­pi­cious ac­tiv­ity was spot­ted in 150 ac­counts.

Camelot, the Lot­tery’s par­ent com­pany, emailed cus­tomers to say that the af­fected ac­counts had been “sub­ject to an unau­tho­rised log-in and that very lim­ited in­for­ma­tion may have been viewed”.

It added it was “tak­ing all the nec­es­sary steps to fully un­der­stand what has hap­pened”, not­ing that the vast ma­jor­ity of ac­counts - 10.5 mil­lion - weren’t af­fected.

Strange be­hav­iour was de­tected in early March. Camelot said this was “low level” hack­ing that was “very spo­radic – and al­most in­dis­tin­guish­able from nor­mal player ac­tiv­ity”.

It ad­dressed fears that hack­ers might steal win­ning Lot­tery num­bers by say­ing there was “no unau­tho­rised ac­cess to core Na­tional Lot­tery sys­tems or any of our data­bases, which would af­fect Na­tional Lot­tery draws or the pay­ment of prizes”.

It claimed no player had suf­fered fi­nan­cial loss, and said that the tar­geted ac­counts have been sus­pended. Af­fected cus­tomers have re­ceived help to re-ac­ti­vate ther ac­counts, Camelot added.

The com­pany tried to re­as­sure cus­tomers by stat­ing that it doesn’t dis­play full debit-card or bank-ac­count de­tails on on­line ac­counts.

A Camelot spokesper­son said the at­tack ap­peared to be a case of ‘cre­den­tial stuff­ing’, in which hack­ers launch au­to­mated at­tempts to ac­cess ac­counts us­ing user­names and pass­words taken from stolen lists cir­cu­lat­ing on the in­ter­net.

A sim­i­lar tac­tic ap­pears to have been used in Novem­ber 2016 when Camelot spot­ted sus­pi­cious be­hav­iour in 26,500 Na­tional Lot­tery ac­counts.

Camelot has re­ported the in­ci­dent to the po­lice, the In­for­ma­tion Com­mis­sioner’s Of­fice and the Na­tional Cy­ber Se­cu­rity Cen­tre.

To change your pass­word visit www.snipca.com/27322 and en­ter your email ad­dress (see screenshot). Read Camelot’s state­ment at www.snipca.com/27321.

When I was a teenager, I pro­grammed a sim­ple Hang­man game on my BBC Model B com­puter. Adam Mudd (pic­tured), from Kings Lan­g­ley in Hertfordshire, had his sights set higher. At the age of 15 he cre­ated a dev­as­tat­ing com­puter pro­gram that could be used to at­tack and shut down web­sites all over the world.

That was back in 2012 – and in the years that fol­lowed he raked in nearly £400,000 sell­ing his soft­ware to crim­i­nal gangs. In to­tal, his tool was used over 1.7 mil­lion times, tak­ing out in­no­cent tar­gets in­clud­ing on­line gam­ing sites and Mudd’s lo­cal col­lege. In March, Mudd was sen­tenced to two years in a young of­fend­ers’ in­sti­tute. Bubut that won’t undo the dadam­age he caused. One bubusi­ness re­port­edly spent £66mil­lion de­fend­ing it­self aga­gainst the at­tacks, and let’s nonot for­get the frus­tra­tion and an­guish caused to in­no­cent users of the tar­geted sites. Mudd’s still a young man, and let’s hope when he gets out he’ll turn his tal­ents to more pos­i­tive pur­suits. But for now he’s my Vil­lain of the Fort­night. Want to nom­i­nate a vil­lain of the fort­night? Email us at ed­i­tor@com­put­er­ac­tive.co.uk

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.