Colombian State Lottery Hacked Prize Winner Records Exposed

Elvis Emeka Ikeji Cyber-Threat 14 October 2025 Hits: 110

A new threat group calling itself Crimson Collective has claimed responsibility for a data breach at Loteria de Medellin, a state-operated lottery in Colombia. The group has shared samples of sensitive information related to prize winners, which they are now attempting to sell.

Compromised Winner Data

The criminal gang announced the breach on its Telegram channel, stating that it was leaking samples and selling the entire cache because the lottery organization failed to respond to its ransom emails. Crimson Collective claims to have exfiltrated over 1TB of compressed data from the lottery's systems.

Analysis of the leaked samples, which appear to be highly sensitive, confirmed they include:

National ID numbers and scanned copies of identification cards.
Bank account certificates and full account numbers.
Full names, physical addresses, phone numbers, and email addresses.
Signatures and fingerprints.
Internal prize claim and payment forms.

Cybernews researchers noted that malicious actors likely believe this data is highly valuable because lottery winners may be more susceptible to scams. The leaked information could easily be used for widespread phishing, scams, or identity theft.

Profile of Crimson Collective

Crimson Collective is a relatively new but ambitious ransom gang. It gained attention after recently claiming to have stolen 570GB of data from Red Hat Consulting's internal GitLab repositories. The group has also previously targeted the Colombian telecommunications operator Claro and falsely claimed a breach against the gaming giant Nintendo.

Rapid7 researchers report that Crimson Collective primarily focuses on the collection and exfiltration of valuable assets like databases, project repositories, and customer information. According to Dark Reading, the group has recently joined the ranks of the notorious cybercrime conglomerate Scattered LAPSUS$ Hunters, which includes the Scattered Spider, LAPSUS$, and ShinyHunters groups.

Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.

WHAT ARE YOU LOOKING FOR?

Popular Tags

Senator Wyden Urges FTC to Probe Microsoft for Cybersecurity Negligence

U.S. Targets Russian and Chinese Entities in North Korean IT Scam

U.S. Busts 29 Laptop Farms Tied to North Korean IT Scam

U.S. Moves to Seize $225.3M Linked to Crypto Scams

Cyberattack Halts All Operations for Japan's Top Brewer

China launches anti-monopoly probe into Nvidia

Facebook Among Social Media Platforms Nepal Plans to Block

Japan Plans to Double Cybersecurity Workforce by 2030

Czech Agency Warns of Chinese Espionage Threat to Infrastructure

Russia Blocks Telegram, WhatsApp Calls Over Law Violations

UK to Ban Public Sector from Paying Ransomware Gangs

UK’s Most Powerful Supercomputer Goes Live

Sovereign AI Cloud Debuts in South Africa via Touchnet–Zadara Alliance

Sui Opens Lagos Hub to Boost West Africa’s Blockchain Development

Axiz and Kaspersky Join Forces to Boost Cybersecurity in Africa

Schneider Electric Unveils First African Innovation Hub to Advance Digital Solutions

Pakistan's Government Launches Probe Into SIM Data Leak

Red Sea Cable Damage Disrupts Internet in Asia and Middleeast

Hackers Claim Breach of Saudi Industrial Services Firm

Nokia, e& UAE, and MediaTek Break 5G Speed Record in Middle East

Raleigh, NC

Colombian State Lottery Hacked Prize Winner Records Exposed

Follow us on

Get Our Newsletter

Tech

Meta Brings Generative AI Photo and Video Editing to Instagram Stories

AI Coding IDEs Cursor and Windsurf Exposed to Over 94 Chromium Flaws

Anthropic Launches Claude Code Web App for Pro Subscribers

G20 Watchdogs to Boost Oversight of AI Use in Global Finance

Category

Popular Sections

About