Lottery recommends steps for players to protect themselves

By Kate Northrop

The New Hampshire Lottery experienced a cyber attack that forced their website offline for nearly a day.

On Thursday, August 25, a cyber attack impacted the NHiLottery website (NHLottery.com) after Lottery officials elected to bring it offline while they worked through security details.

At around 9:30 am on the morning of Friday, August 26, the Lottery announced that their third-party hosting provider had experienced a cyber attack.

"Our players' security and integrity of our web platform is our primary concern," lottery officials said in a statement to WMUR. "We have notified our players of this situation, and we will continue to keep the public updated as we receive more information."

Last Monday, the Lottery released another statement with more details on the issue.

"The attack resulted in the creation of a banner/pop-up intending to get users to click and download a .zip file," the statement reads.

The attack occurred on the day when sales are typically highest, with the Mega Millions drawing set to take place that Friday night. Lottery ticket sales in stores across the state were unaffected.

To mitigate the risk of sustaining any more harm while they worked through the security issues, the Lottery was forced to take the website offline. The website was back online with "enhanced security measures" as of Saturday, August 27 at 1:24 am, the Lottery said.

"We are confident this attack did not impact any player data, nor compromise the integrity of our gaming platforms," the Lottery continued.

The Lottery recommends that players take steps to protect themselves if they happened to visit the website during the cyber attack.

Website visitors who clicked on the banner/pop-up link and downloaded the .zip file should delete it and empty the computer's Trash/Recycle Bin. Those who opened or launched any items in the .zip file are encouraged to install and run an antivirus/malware scanner to remove suspicious files. The Lottery recommended AVG Free for AntiVirus and Malwarebytes for Malware.

The Lottery also suggests that players who logged into their account between the late evening of Thursday, August 25 and the morning of Friday, August 26 change their account password, as well as the account information for any other websites that use the same username and password combination. Details for doing this can be found on the New Hampshire Lottery's website.

Additionally, the cyber attack triggered Google's review process for assessing the security of websites. Website visitors who use Google Chrome or Firefox as their Internet browsers may see a warning message when trying to access the Lottery's official website until the review process is complete.

Players may also experience general problems accessing the updated website since it was moved to a new server.

While he is not related to the New Hampshire Lottery, Jeff Stutzman, the CEO of New Hampshire-based cybersecurity company Trusted Internet, said that there have been more cyber attacks on notable entities lately.

"We've been seeing a lot of government sites that have been hit in the last two years," he explained. "Ransomware has gone through the roof, we applications. All kinds of things are being hit."

cyber attacks on government agencies or large companies are not unheard of, but anyone who runs a website at home, big or small, should take care to implement security protections, Stutzman cautioned.

Officials are working with their hosting provider, have initiated an investigation into the incident, and will continue to address player and partner questions as they arise, the Lottery said.