Camelot Group, operator of the UK National Lottery, has said that 26,500 online player accounts have been hacked.
Speaking in a statement, Camelot said that while it does not believe any of its core systems or databases have been compromised, players’ login details have been stolen from elsewhere.
Of the 26,500 accounts in question, fewer than 50 have experienced activity since being accessed, although no funds have been deposited or withdrawn.
Camelot added that some of the activity may have been the account holders themselves.
However, Camelot has now suspended the accounts and contacted customers to re-activate and reset their passwords.
“We do not hold full debit card or bank account details in National Lottery players’ online accounts and no money has been taken or deposited,” Camelot said.
“However, we do believe that this attack may have resulted in some of the personal information that the affected players hold in their online account being accessed.
“Cyber criminals such as this are persistent, and we are continuing to monitor and protect our systems.
“We are also working closely with the National Crime Agency and the National Cyber Security Centre on an ongoing basis on this criminal matter.
“We’d like to reassure our customers that protecting their personal data is of the utmost importance to us.
“We are very sorry for any inconvenience this may cause to our players and would like to encourage those with any concerns to contact us directly, so we can discuss it with them in more detail.”
Earlier this month, Camelot was forced to suspend the official National Lottery mobile application after users reported a series of issues, including an incorrect non-winning message when checking results with a QR code scanner or the manual entry checker on the app.
The app was relaunched on iOS devices last weeks, with a version for Android users currently in development.