Massive Ticketmaster, Santander data breaches linked to Snowflake cloud storage

Share via:


An alleged data breach potentially affecting as many as 560 million Ticketmaster accounts and a confirmed one for Santander Bank may have stemmed from attacks on the cloud storage accounts with a company called Snowflake. As spotted by Bleeping Computer, an investigation from cybersecurity firm Hudson Rock reports that a bad actor gained access to Ticketmaster and Santander by using the stolen credentials of a single Snowflake employee.

According to Hudson Rock, the hacker bypassed the authentication service Okta using these credentials and then generated session tokens to obtain a trove of information from Snowflake. In addition to Ticketmaster and Santander Bank, Hudson Rock suggests the hacker may have gained access to hundreds of other Snowflake customers. A few of the major brands that use the cloud storage service include AT&T, HP, Instacart, DoorDash, NBCUniversal, and Mastercard.

Snowflake has seemingly disputed Hudson Rock’s findings in its most recent response, saying that while investigating “potentially unauthorized access to certain customer accounts,” it “observed increased threat activity beginning mid-April 2024 from a subset of IP addresses and suspicious clients we believe are related to unauthorized access.”

More details on those findings are available here, but the company says that while a bad actor accessed a “demo account” belonging to a former employee, it didn’t contain sensitive information. It claims that “To date, we do not believe this activity is caused by any vulnerability, misconfiguration, or malicious activity within the Snowflake product.”

Ticketmaster still has yet to confirm any breach, but malware tracker vx-underground says it can assert “with a high degree of confidence” that the leaked data is legitimate. It notes that some of the leaked information dates back to the mid-2000s and includes full names, emails, addresses, phone numbers, hashed credit card numbers, and more.

Earlier this month, Santander published a statement to confirm that “certain information” of customers in Chile, Spain, and Uruguay had been accessed. The Verge reached out to Ticketmaster and Santander with requests for comment but didn’t immediately hear back.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

Massive Ticketmaster, Santander data breaches linked to Snowflake cloud storage


An alleged data breach potentially affecting as many as 560 million Ticketmaster accounts and a confirmed one for Santander Bank may have stemmed from attacks on the cloud storage accounts with a company called Snowflake. As spotted by Bleeping Computer, an investigation from cybersecurity firm Hudson Rock reports that a bad actor gained access to Ticketmaster and Santander by using the stolen credentials of a single Snowflake employee.

According to Hudson Rock, the hacker bypassed the authentication service Okta using these credentials and then generated session tokens to obtain a trove of information from Snowflake. In addition to Ticketmaster and Santander Bank, Hudson Rock suggests the hacker may have gained access to hundreds of other Snowflake customers. A few of the major brands that use the cloud storage service include AT&T, HP, Instacart, DoorDash, NBCUniversal, and Mastercard.

Snowflake has seemingly disputed Hudson Rock’s findings in its most recent response, saying that while investigating “potentially unauthorized access to certain customer accounts,” it “observed increased threat activity beginning mid-April 2024 from a subset of IP addresses and suspicious clients we believe are related to unauthorized access.”

More details on those findings are available here, but the company says that while a bad actor accessed a “demo account” belonging to a former employee, it didn’t contain sensitive information. It claims that “To date, we do not believe this activity is caused by any vulnerability, misconfiguration, or malicious activity within the Snowflake product.”

Ticketmaster still has yet to confirm any breach, but malware tracker vx-underground says it can assert “with a high degree of confidence” that the leaked data is legitimate. It notes that some of the leaked information dates back to the mid-2000s and includes full names, emails, addresses, phone numbers, hashed credit card numbers, and more.

Earlier this month, Santander published a statement to confirm that “certain information” of customers in Chile, Spain, and Uruguay had been accessed. The Verge reached out to Ticketmaster and Santander with requests for comment but didn’t immediately hear back.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

How B2B Fintech Is Revolutionising Banking Tech

SUMMARY B2B fintech sector is geared towards finding solutions...

India’s Edtech Reset — The Aftermath Of The Golden...

India’s edtech startups have been stuck in an...

Entrepreneur Marc Lore on ‘founder mode,’ bad hires, and...

Entrepreneur Marc Lore has already sold two companies...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!