UK National Lottery Data Breach Affects 26,500 Accounts

The UK National Lottery, managed by Camelot, faced a security incident that permitted unauthorized entry to approximately 26,500 player profiles. This constitutes a minor percentage of the overall 9.5 million accounts, and Camelot has minimized the event, indicating that only 50 of the compromised profiles have displayed any unusual actions since the breach was detected on Monday.

Although no funds were taken, Camelot acknowledges that certain private data within the impacted accounts might have been accessed. They are presently reaching out to all affected players and mandating password changes.

Crucially, the security lapse did not influence the National Lottery’s central infrastructure or any data repositories, thus drawings and prize disbursements remained unaffected.

The prevailing hypothesis is that the perpetrators gained entry through credential stuffing, implying the players probably reused email and password pairings that were formerly compromised on other internet services.