News writer
Something unexpected has hit Rhode Island's lottery world, and it's not a jackpot. Brightstar Lottery Group, the newly renamed company behind some of the state's gaming operations, says an “unauthorized third party” gained access to its internal systems late last year.
Now, thousands of Rhode Islanders are learning their personal information may have been caught in the breach. But just how serious is it, and what's the company doing about it?
Data breach in Rhode Island
Brightstar Lottery Group, formerly International Game Technology (IGT) PLC, has sent a letter to Rhode Island Attorney General Peter Neronha stating that “an unauthorized third party” gained access to parts of its internal corporate system. This unauthorized access took place on November 17, 2024.
As a result of this data breach, Brightstar confirmed that the personal information of over 6,300 Rhode Islanders was compromised.
Should Rhode Islanders worry?
Not particularly. The company stated they “took immediate action” after the breach was discovered. According to Associate General Counsel Macaire Piscione, Brightstar secured its internal systems and investigated the depth of the impact.
What did Brightstar discover?
The investigation by Brightstar concluded on August 21, 2025. During that review, they found 103,879 people were impacted, which included 6,354 Rhode Island residents.
According to the company's website, they serve “over 90 global customers in more than 100 jurisdictions.” This includes licensing agreements in Connecticut and Maine.
Authorities said the information accessible through the compromised Brightstar systems included names, contact information, dates of birth, driver's licenses, Social Security numbers, and financial account details.
According to the state laws in Rhode Island, a data breach must be reported no later than 45 calendar days after the breach is confirmed. If the breach impacted at least 500 people, the Attorney General's office must be notified.
Who was affected by the data breach?
While Brightstar confirmed that over 6,300 residents of Rhode Island were affected, it seems that most of those affected were current and former employees. A spokesperson for the company said they are not aware of any misuse of personal information.
Brightstar spokesperson Mike DeAngelis said in a statement, “The privacy and security of personal information is of utmost importance to us.”
Even though Brightstar states the issue was quickly taken care of and they aren't aware of any misuse of personal information, they are still taking precautions.
Brightstar will be offering anyone impacted by the breach 24 months of credit monitoring, fraud detection, or dark web monitoring. Brightstar will be sending out written notices to anyone affected by the breach.
A company rebrand
In June, the company rebranded its global lottery division as Brightstar following its July 2024 acquisition by New York-based Apollo Global Management Inc., which took IGT's name, slot machine, digital gaming, and sports betting operations private.
Originally, IGT signed a 20-year agreement back in 2021. This agreement had them supplying the state's lottery and scratch-off tickets, video lottery, and slot machine technology.
Brightstar continues to fulfill its obligations to the Rhode Island Lottery.
Enjoy playing the Rhode Island Lottery, and please remember to play responsibly.
Comments