A hacker who broke into the UK National Lottery’s website in 2016 has been sentenced to nine months in prison for his ill-fated and ultimately unrewarding efforts.
In November 2016, National Lottery operator Camelot warned customers that their personal data may have been compromised after determining that unauthorized individuals had gained access to around 26,500 online accounts.
The following spring, police traced one of the IP addresses from which the hack occurred to Aston University. Police then arrested suspect Idris Kayode Akinwunmi, who quickly cracked under police interrogation and gave up two other suspects with whom he claimed to have communicated only through a WhatsApp chat forum.
Akinwunmi claimed a WhatsApp user identified only as ‘Rosegold’ was the primary instigator of the National Lottery hack. Akinwunmi claimed Rosegold had supplied him with the brute-forcing tool Sentry MBA and instructed him on how to use it to access the National Lottery accounts.
Rosegold struck a deal with the other two suspects that he would receive a cut of any of the purloined proceeds from Lottery accounts. Akinwunmi’s hacking efforts yielded all of £13, although he dutifully forwarded £5 to Rosegold in fulfillment of their deal. Who says there’s no honor among (really inept) thieves?
A little cyber-sleuthing revealed that Rosegold was Notting Hill resident Anwar Batson, but when police appeared at Batson’s door he claimed he was the “victim of online trolling” and that other people had access to his computers. A subsequent examination of his digital devices revealed evidence of his chats with Akinwunmi and fellow suspect Daniel Thompson.
Akinwunmi and Thompson both copped to their involvement and were eventually sentenced to four and eight months, respectively. But Batson (pictured) continued to protest his innocence before abruptly changing his plea to guilty last December, for which he will serve nine months in prison, pay £250 in court costs and repay that customer’s stolen £5.
A Camelot spokesperson told the court that the hacking had cost the company around £230k and that around 250 customers had closed their online accounts as a result of the negative publicity.
The 2016 hack wasn’t the last unauthorized intrusion the National Lottery suffered, having been the victim of another hack in 2018, but Camelot said no customer had suffered any financial loss from that incident.