Brightstar Lottery Data Breach Exposes Social Security Numbers

On Nov. 17, 2024, Brightstar Global Solutions Corporation, now known as Brightstar Lottery, experienced a significant data breach involving unauthorized access to certain internal corporate systems. The breach was discovered the same day, prompting immediate action to secure the affected systems and initiate a thorough investigation.

Due to the complex and unstructured nature of the compromised data, Brightstar and its partner IGT Group conducted a detailed manual review to determine the scope and specific information involved. This review concluded on Aug. 21, 2025.

The breach exposed a broad range of sensitive consumer information including names, contact information, dates of birth, government identification documents and numbers (such as driver’s license numbers, Social Security numbers and tax identifiers), financial account information and health data.

The breach was formally reported to the California Attorney General on Oct. 3, 2025.

Brightstar Global Solutions' response

In response to the incident, Brightstar and IGT Group took immediate steps to secure their systems and launched a comprehensive investigation. The companies also reported the breach to law enforcement and have implemented additional security measures to strengthen their defenses against future attacks. Ongoing system monitoring has been put in place to detect any suspicious activity.

To support those affected, Brightstar has engaged Kroll, a global risk mitigation and response firm, to provide complimentary identity monitoring services for 24 months. These services include credit monitoring, fraud consultation and identity theft restoration. Affected individuals will receive alerts of changes to their credit data, have access to fraud specialists for guidance and, if necessary, receive assistance from licensed investigators to resolve identity theft issues.

Individuals are encouraged to remain vigilant by reviewing personal records and monitoring credit reports. Brightstar has provided detailed instructions on how to place fraud alerts or security freezes with the major credit bureaus and recommends reporting any suspected identity theft to law enforcement and the Federal Trade Commission. Additional resources and step-by-step guidance are available in the official notice, which will be accessible at the bottom of this article’s page in PDF format.