Comentários do leitor

The National Lottery was not hacked

por Eleanor Dransfield (2019-10-19)

-text c-gray-1" >Camelot yesterday reported that a few days prior, it had noticed unusual activity on a number of online National Lottery accounts. Roughly 26,500 of 9.5 million accounts are thought to have been compromised, with suspicious activity -- in this case, personal details being changed -- noted on less than 50. Since then, UK and international media have reported on this incident, with the vast majority of coverage sporting striking headlines along the lines of "National Lottery hacked." This statement is simply untrue. The National Lottery was not hacked.

jubyeekee-compare.jpgNational Lottery operator Camelot says as much in its statement: "We would like to make clear that there has been no unauthorised access to core National Lottery systems or มนต์สิธิ์คำสร้อยหวย any of our databases."

"We believe that the email address and password used on the National Lottery website may have been stolen from another website where affected players use the same details."

This is called credential stuffing, whereby previously exposed usernames and passwords are opportunistically plugged into other websites and services, since it's not uncommon for people to recycle user/pass combinations. If hacking is like breaking down a door, or at least picking the lock, then credential stuffing is like finding a key at the bottom of the road and trying it in every door, hoping to land on a fit. They are very, very different.

The whole situation is still alarming, of course. For one, there's no word on where those 26,500 account details came from. A previous hack or phishing campaign, perhaps? Worst case scenario: a recent hack of a site or service that has gone, as yet, undetected. The National Crime Agency and National Cyber Security Centre are investigating, so we might learn more in due course.

Camelot's immediate reaction has been to suspend the affected accounts and contact users about reactivating them. There's been no financial fallout, but obviously there are some personal details attached to the accounts that may've been seen/scraped.

LinkedIn was hacked, Ashley Madison was hacked, TalkTalk was hacked, Tesco Bank was hacked. The National Lottery was not hacked.

Source: Camelot In this article: camelot, credentialstuffing, culture, hack, hacking, internet, nationallottery All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. Comments 226 Shares Share Tweet Share Popular on Engadget
A month on, Apple Arcade is too cheap to quit
View The best iPhone screen protectors
View IKEA begins selling its smart blinds in some US stores
View Le Creuset's Star Wars cookware is available to pre-order
View Verizon and T-Mobile aren't supporting RCS on the Pixel 4 at launch
View From around the web