Crimson Collective has claimed responsibility for a major data breach at Loteria de Medellin (Lottired), a state-operated lottery in Colombia. The group, which operates primarily by exfiltrating sensitive data and demanding payment for its deletion, announced the breach on its Telegram channel, stating they were leaking the data because the organization failed to respond to their emails.
This incident is the latest in a string of high-profile attacks by Crimson Collective, which has rapidly built a reputation for targeting large corporations. In early October 2025, the group claimed a massive breach of software giant Red Hat, alleging the theft of 570GB of data from thousands of internal GitLab repositories. Their list of prior targets also includes another major Colombian entity, telecommunications operator Claro, and a claimed breach of gaming giant Nintendo, demonstrating a pattern of targeting prominent, data-rich organizations.
According to the actor’s post, they have exfiltrated over 1 terabyte of compressed data from the Colombian lottery. To substantiate their claims and increase pressure, they have publicly leaked numerous samples of what appears to be highly sensitive personal and financial information belonging to prize winners. The compromised data allegedly includes:
- Full names
- National ID numbers (Cédula de Ciudadanía)
- Scanned copies of national identification cards
- Dates and places of birth
- Physical addresses
- Phone numbers
- Email addresses
- Bank account certificates and full account numbers
- Signatures and fingerprints
- Internal prize claim and payment forms
