DDoS attack shuts down National Lottery site; affects online ticket sales

DDoS attack shuts down National Lottery site; affects online ticket sales

DDoS attack shuts down National Lottery site; affects online ticket sales

A distributed denial of service (DDoS) attack shut down the National Lottery website for over an hour on Sunday night, Camelot has confirmed.

Thousands of people were unable to buy tickets from the National Lottery website after the distributed denial of service (DDoS) attack took place.

According to Camelot, unknown hackers flooded the National Lottery website with online traffic at 6PM on Sunday, thereby causing a shutdown that lasted around 90 minutes. The DDoS attack prevented thousands of people from buying lottery tickets from the website until 7:30 PM on Sunday.

“Unfortunately, as experienced by many companies, The National Lottery website was subject to a DDoS (Distributed Denial of Service) incident for around 90 minutes this evening (from around 6 pm until 7.30pm).

“This affected players trying to buy tickets from our website and via our App, although players could still buy tickets from one of our 46,000 retailers. We would like to apologise to players for the inconvenience caused in this case,” said Camelot in a statement.

It is not known if the hackers behind the DDoS attack harboured a larger motive other than bricking the lottery website. In November of last year, cyber criminals accessed around 26,500 National Lottery accounts after breaching the site and it is not known if hackers behind both incidents are the same.

Despite accessing thousands of accounts last year, hackers were unable to get their hands on any sensitive or financial information as National Lottery online accounts did not contain any such data.

Even though Camelot had then suspended fewer than 50 altered accounts and had instigated a compulsory password reset on the full 26,500 accounts that were compromised, a repeat cyber attack on the website suggests that not much was done since then to improve the website’s defence against improvised DDoS or malware attacks.

“Websites who are unable to contain a DDoS attack like this risk losing their audience to competitors if they are unable to minimise the disruption, so it is essential that organisations expect cyber-attacks and know how they will respond,” says Kirill Kasavchenko, Principal Security Technologist at Arbor Networks.

Adding that organisations must review their cyber defences against DDoS attacks to gauge whether their defences are robust enough to ensure continuing operations of websites despite DDoS attacks, Kasavchenko says organisations should harden network infrastructures, ensure complete visibility of all network traffic, and implement sufficient DDoS mitigation capacity and capabilities.

“Cyber-criminals are an ever present threat, so organisations must act now to protect their operations from damaging interferences,” he concludes.

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]