Contractors steal $70,000 in lottery prize money

Jan 9, 2008, 3:53 pm (16 comments)

Washington, D.C. Lottery

Computer system breached; technicians printed bogus tickets, investigators allege

D.C. officials were told last year that lax enforcement of security procedures made it possible for a handful of contract employees to steal tens of thousands of dollars in lottery tickets and prize money, according to records released this week in response to a Freedom of Information Act request filed with the D.C. Lottery and Charitable Games Control Board.

An investigation conducted by Battelle Memorial Institute in August 2006 determined that the ticket thefts were most likely committed by field service technicians employed by Lottery Technology Enterprises, a District-based joint venture between GTECH Corp., New Game Technologies and Opportunity Systems Inc.

Lottery officials learned of questionable ticket sales in December 2005, when several District retail locations began complaining about unauthorized ticket sales charged to their accounts. In each case, the sales were recorded as occurring after the retailers' business hours. Surveillance footage and audits of ticket stock showed that no one was at the retailers' lottery terminals when the tickets were supposedly sold.

Battelle, a technology consultancy, concluded that LTE technicians probably created the unauthorized tickets by manipulating radio communications technology that is used to transmit ticket purchases from retail terminals to the D.C. Lottery's central system. Battelle determined that many lottery retailers failed to enable encryption security on their machines. LTE technicians were thus able to gain remote access to these machines and, using spare lottery terminals, were able to print lottery tickets without paying for them, Battelle found.

In about 5,600 transactions over a seven-month period, the perpetrators made it appear as if purchases had been made at one of more than three dozen lottery terminals at authorized locations.

All told, the perpetrators created $86,000 in phantom DC Lucky Numbers, DC-4, D.C. Keno and Powerball tickets, with more than $70,000 in prize money.

Lottery Technology officials did not return calls seeking comment. A spokesman for GTECH, a lottery hardware and software vendor based in Providence, R.I., also did not respond to repeated calls.

Jay Young, chief operating officer for the D.C. Lottery, said the board worked with the FBI to identify at least three LTE employees suspected of committing the fraud. The company later fired the workers, but investigators did not have enough evidence of wrongdoing to bring criminal charges.

LTE has since repaid the District government the purchase price of the stolen tickets, but not the resulting prize money. Ben Lorigo, executive director of the District's Office of Integrity and Oversight, said the D.C. government is seeking to recoup the lost winnings as well as monetary damages from Lottery Technologies, though he declined to say how much.

"We're just looking to be made whole here," Lorigo said.

The Battelle report found that the "radio communications being used by the [lottery] system had a previously undiscovered vulnerability. This vulnerability permitted an unauthorized lottery terminal to enter 'rogue' transactions into the system, producing apparently legitimate tickets that could be cashed as winners."

According to Battelle, GTECH has since put in place a technological fix that should prevent unregistered lottery terminals from being used on the network. The terminals used to print the stolen tickets were never found.

The Battelle audit also faulted Lottery Technology's management processes on multiple levels, from a failure to conduct thorough background checks on employees to the lack of strict controls over who had access to lottery terminals.

News of the phantom tickets comes at a sensitive time for GTECH and LTE; the D.C. government is soliciting requests for proposals to rebuild the city's aging gaming system. Installed in 1985 — with minor upgrades a decade later — the technology that powers the District's lottery system is among the oldest in North America. The city is expected to award the contract early next year.

The D.C. Lottery retailers affected by the scam were never told how the thefts were carried out. The D.C. government simply refunded to retailers the money it gained from the ticket sales. The stores were allowed to keep the commissions made on the bogus tickets.

Last year, the D.C. Lottery sold more than $266 million in tickets, generating almost $74 million for the city.

Washington Post

Tags for this story

Other popular tags

Comments

spy153's avatarspy153

LOL!  I knew that was going to happen sooner or later!LOL

justxploring's avatarjustxploring

" In about 5,600 transactions over a seven-month period, the perpetrators made it appear as if purchases had been made at one of more than three dozen lottery terminals at authorized locations.

All told, the perpetrators created $86,000 in phantom DC Lucky Numbers, DC-4, D.C. Keno and Powerball tickets, with more than $70,000 in prize money. "

Of course this is very wrong, but I'm surprised the numbers are so low.  Maybe they haven't caught all of the "perpetrators."

JAP69's avatarJAP69

Inside job huh.

And whoooooooo do you think programs rng drawings for the state draws.

HMMMMMMMMMMMMMMMMMMMMMM.

jarasan's avatarjarasan
konane's avatarkonane

Quote: Originally posted by JAP69 on Jan 9, 2008

Inside job huh.

And whoooooooo do you think programs rng drawings for the state draws.

HMMMMMMMMMMMMMMMMMMMMMM.

I Agree!    Skeptical     Hiding Behind Computer  Sure doesn't add credibility to TN's Lottery "glitch."

four4me

And i have said in many post that you could possibly gain access to the system from a remote location outside the buildings where the machines are kept.

What it boils down to is if there's a will theres a way for thieves to steal just about anything.

And for all it's worth if this doesn't send a message to states that use RNG software to bring back ball drawings. I don't know what will.

justxploring's avatarjustxploring

Quote: Originally posted by jarasan on Jan 9, 2008

I told ya.

https://www.lotterypost.com/thread/168434

Still going on.

Corruption in Washington D.C.?   Like this is something new?

Yes Nod

JimmySand9

It seems like the computer draws were the only thing not tampered with. That's a first.

KyMystikal's avatarKyMystikal

I don't know if I feel any better living here in TN compared to living in DC. I don't know, maybe I read this too fast but did it say they were printing winning tickets or just tickets for the games? In Ky the lottery tickets show the time they were printed. Can't they just look at the times the tickets that were winners were printed at to find the bogus tickets since they were printed at times the retailers were closed????

Todd's avatarTodd

Quote: Originally posted by four4me on Jan 10, 2008

And i have said in many post that you could possibly gain access to the system from a remote location outside the buildings where the machines are kept.

What it boils down to is if there's a will theres a way for thieves to steal just about anything.

And for all it's worth if this doesn't send a message to states that use RNG software to bring back ball drawings. I don't know what will.

Aha!  You've hit on the key point here.  The ability for people to get into a system, when they are not supposed to be able to.

It's like in Jurassic Park, when Iam Malcolm says "Life finds a way," to describe how the dinosaurs are able to breed, even though the genetic engineers made that "impossible".

It is inevitable.  Just like this system was broken into — and like other computerized drawing systems had "glitches" — "Crime finds a way".

It also reminds me of the auto industry, which only issues recalls when their accountants calculate that the cost of lawsuits from injuries suffered from the car problem outweighs the cost of the recall.  The lottery industry seems content to allow a certain amount of crime to invade their games, and will continue to allow it until the revenue losses outweigh the so-called savings of their computerized drawing systems.

These computerized drawing systems are the bane of the lottery industry, and shame on the legislators in each computerized state for not getting rid of them.  Yes, I place blame on the legislators, who ultimately hold the reigns on their state's lottery.

four4me

Quote: Originally posted by Todd on Jan 10, 2008

Aha!  You've hit on the key point here.  The ability for people to get into a system, when they are not supposed to be able to.

It's like in Jurassic Park, when Iam Malcolm says "Life finds a way," to describe how the dinosaurs are able to breed, even though the genetic engineers made that "impossible".

It is inevitable.  Just like this system was broken into — and like other computerized drawing systems had "glitches" — "Crime finds a way".

It also reminds me of the auto industry, which only issues recalls when their accountants calculate that the cost of lawsuits from injuries suffered from the car problem outweighs the cost of the recall.  The lottery industry seems content to allow a certain amount of crime to invade their games, and will continue to allow it until the revenue losses outweigh the so-called savings of their computerized drawing systems.

These computerized drawing systems are the bane of the lottery industry, and shame on the legislators in each computerized state for not getting rid of them.  Yes, I place blame on the legislators, who ultimately hold the reigns on their state's lottery.

I've know it was possible all along. Back in the early 90's we had a computer at work it was a work station for our machine shop the guy who ran it was on vacation. He had all his files write protected. Special passwords were needed to get into and log on to his files. Of course when he was gone we needed access to it. One of the guy on my shift said he could get into it in about a minute. This was after several people had tried in vane to do it. In about a minute the guy on my shift had access to everything on the PC. When the owner had asked how he had accomplished the task my co worker said i just went through the back door.

Across the street from me their is a guy who has cable and satellite PC connection. On day i was visiting him and he had access to everybody's PC in the neighborhood that didn't have a firewall.  He could log on and off everyones PC almost at will. Not to include look at their personal information.

KY Floyd's avatarKY Floyd

"did it say they were printing winning tickets or just tickets for the games?"

There's definitely something going on besides what was reported in the story. If they won $70,000 with ony $86,000 worth of tickets they got back almost 82% of the ticket price. Either the investigation hasn't uncovered another $55,000 +/- worth of stolen tickets, or they won far more often than should be expected.

"In Ky the lottery tickets show the time they were printed. Can't they just look at the times the tickets that were winners were printed at to find the bogus tickets since they were printed at times the retailers were closed?

Printing the time of sale on lottery tickets is pointless, as well a breach of security. In theory the only thing that needs to be on the ticket for purposes of security and validation is the number that was already printed on the back before the roll of blanks was loaded into the terminal. The central computer has all the information about each ticket, so the number on the back should  identify the ticket and all the info that belongs to it. While it would be possible to identify the fraudulent tickets based on the time of issue, there's not much point to it. Preventing tickets from being "issued" by a terminal that is offline, outside of regular hours or not, is a much better solution. 
 

dumars798's avatardumars798

  Crime never get you anywhere in life!!!

   Blue Thinking 

Captain Lotto's avatarCaptain Lotto

It's important to note that the crime was stealing tickets, not manipulating the drawings.  People are always at risk of falling prey to corruption, which is why Lotteries work so hard on security.  It was probably an internal security investigation that discovered and stopped the theiving. 

It's the human element.  When the payoffs are high, there will always be someone willing to take the risk.  Having ball drawings alone isn't any "extra" protection from would-be thieves.  Multiple layers is key to preventing theft. 

Subscribe to this news story
Guest