I've been saying....
...for years how poor the lottery sites security is. For years they only allowed numbers and letters for a password and a small length. The originally didn't have a reset password option, you had to call them and it was clear the weak password policy was to cut down all support calls.
Eventually they allowed special characters but they don't tell you this when you change your password, they still have the wording numbers and letters.
They still have yet to implement 2 factor authentication.
I'm suprised they haven't been hit sooner.
Biting the hand that feeds IT
