Hacker that hit UK National Lottery in 2016 was sentenced to prison

Pierluigi Paganini January 13, 2020

The alleged hacker behind the credential stuffing attacks on UK National Lottery accounts has been sentenced to nine months in prison.

Anwar Batson (29) of London has been sentenced to nine months in prison for fraud and four violations under the Computer Misuse Act of 1990. The sentence was announced by the UK’s National Crime Agency on Friday, the authorities arrested Batson in May 2017.

Initially, the man denied any accusation, claiming that hackers have left fake evidence to blame him for the crime, but later he pleaded guilty after investigators found on his devices conversations between him and other members of the hacker group behind the attack.

“A cyber criminal has today been jailed for nine months for committing offences against the National Lottery, after a National Crime Agency investigation.” reads the press release published by the NCA.

“Anwar Batson, 29, of Lancaster Road, Notting Hill, London, was sentenced at Southwark Crown Court after admitting four under the Computer Misuse Act 1990 and one fraud charge.”

uk national lottery -camelot

The attack took place in November 2016 and impacted the National Lottery customer database containing about 9,000,000 records.

According to the operator Camelot, roughly 26,500 accounts of the UK National Lottery players were accessed by cybercriminals. The security breach was spotted on November 28th during a routine online security monitoring.

“We do not hold full debit card or bank account details in National Lottery players’ online accounts and no money has been taken or deposited,” added the operator.

“However, we do believe that this attack may have resulted in some of the personal information that the affected players hold in their online account being accessed.”

The operator Camelot that runs the National Lottery immediately excluded that its systems were compromised by hackers, anyway it alerted impacted customers via email.

Batson used a tool called Sentry MBA to carry out the credential stuffing attacks on accounts belonging to National Lottery customers. Hackers used credentials obtained as a result of third-party breaches and exploited the bad habits of passwords reusing on multiple online services.

Another two men involved in the attack against the accounts of the National Lottery, Daniel Thompson (27) of Newcastle and Idris Kayode Akinwunmi (21) of Birmingham, were sentenced in July 2018 to eight and four months in prison, respectively

“Even the most basic forms of cyber crime can have a substantial impact on victims.” said NCA senior investigating officer Andrew Shorrock.

“No one should think cyber crime is victimless or that they can get away with it.”

“The NCA will pursue and identify offenders and any conviction can be devastating to their futures.”

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – National Lottery, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment