Nelcia Charlemagne reports:
Virgin Islands Lottery’s executive director, Raymond Williams, says the entity is now “90 percent back [to] functionality” after a cybersecurity incident that halted operations across the territory. The March ransomware attack compromised Lottery’s entire network.
Mr. Raymond appeared before the Committee on Government Operations, Veterans Affairs, and Consumer Protection on Friday. He reminded Committee members that the “bad actors” responsible for the attack requested a $1 million ransom, which V.I. Lottery refused to pay. Instead, a decision was made to “rebuild an entire system from scratch.” V.I. Lottery continues to make “technical tweaks” to “ensure that the protections are there.”
“We had all our servers, computers, and other systems sanitized, loaded with new security measures, and then we began an arduous process of rebuilding,” Mr. Williams explained.
Read more at the Virgin Islands Consortium.
This appears to be the second ransomware attack in a year. In January 2024, the lottery announced it was the victim of a ransomware attack. In February 2024, the Play ransomware group claimed responsibility for the attack and added the lottery to its dark web leak site. It’s not clear whether all the data was ever leaked, however.
DataBreaches emailed the V.I. Lottery yesterday inquire whether the recent attack was related to, or connected to, the same threat actors or incident. DataBreaches also asked how threat actors gained access in the two incidents. No reply has been received by publication, and no ransomware gang appears to have claimed responsibility for the recent attack.