The UK National Lottery has warned more than 10 million players with online accounts to change their passwords due to a security breach, The Telegraph reported.
"It said hackers had made attempts to access accounts and that limited information may have been viewed. It urged all online customers to change their passwords, particularly if they use the same email address and passwords for several sites.
It urged all online customers to change their passwords, particularly if they use the same email address and passwords for several sites.
The mass attack, said to have been done using a technique known as “credential stuffing,” was successful in accessing some 150 accounts. Some activity took place in fewer than ten accounts.
Camelot, the lottery operator, said no customers had lost any money.
It is contacting all 10.5 million online customers and put a warning on its website stating: “As part of our regular security monitoring, we have seen some suspicious activity on a very small number of players’ accounts."
The problem with this is that now the bad guys are going to launch phishing attacks claiming your account has been compromised, including a very handy link to the website, and please "login and change your password". Yeah, right.
Remember in these cases to never click on links in possibly suspicious emails, and only go to the website using a bookmark you set yourself, or type the website in the address bar.