Snowflake Massive Breach: Ticketmaster User Data Among Those Stolen by Hackers

Hackers have been targeting the cloud storage platform Snowflake to steal data from its customers.

Hackers have reportedly been targeting the cloud storage platform Snowflake to steal data from its hundreds of customers, which may include Ticketmaster.

Snowflake Breach
Joe Raedle/Getty Images

Snowflake on Cybersecurity Breach

Snowflake, a Boston-based company known for providing cloud-based data storage and analytics services to numerous major brands, confirmed that it is investigating increased cyber threat activity targeting some of its customers' accounts.

This statement follows a claim by cybersecurity vendor Hudson Rock, which reported that Snowflake experienced a "massive breach" affecting up to 400 companies.

Hudson Rock discovered the incident after communicating with a hacker who allegedly accessed the data of Ticketmaster and Santander Bank. According to the cybersecurity vendor, the hacker noted that all these breaches originated from the compromise of a single vendor, Snowflake.

The hacker asserted that they breached Snowflake by acquiring login credentials from an employee's ServiceNow account, which seemed to be integrated into Snowflake's internal IT infrastructure.

This access allowed them to bypass security measures from Snowflake's single sign-on provider, Okta. After gaining entry, the hacker claimed to have generated session tokens, enabling them to extract substantial amounts of data from the company.

Hudson Rock disclosed that the hacker then attempted to extort $20 million from Snowflake but received no response from the Montana-based company.

Live Nation Confirms Ticketmaster Was Hacked

Live Nation, a major player in the entertainment industry, has confirmed that its ticketing arm, Ticketmaster, experienced a security breach. According to TechCrunch, the confirmation came in a filing with government regulators late on Friday.

Live Nation said the breach involved unauthorized activity within a third-party cloud database containing company data. Although Live Nation did not disclose the name of the third-party cloud database, it is known that much of Live Nation and Ticketmaster's infrastructure is hosted on Amazon Web Services.

In its filing, the company said the breach occurred on May 20 and May 27, when a cybercriminal also offered what it alleged to be "company user data for sale via the dark web."

While Live Nation did not specify whose personal information was compromised, it is believed to relate to customers. The reason for the company's delay in publicly disclosing the breach, which took more than a week, remains unclear.

"As of the date of this filing, the incident has not had, and we do not believe it is reasonably likely to have, a material impact on our overall business operations or on our financial condition or results of operations," Live Nation said in the filing. "We continue to evaluate the risks and our remediation efforts are ongoing."

A Ticketmaster spokesperson told TechCrunch that the company's stolen data was hosted on Snowflake. However, the spokesperson did not explain how the data was extracted from Snowflake's systems.

Written by Inno Flores
Tech Times

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics