HomeVulnerabilityCybercrime group claims to have stolen knowledge on 560 million Ticketmaster customers

Cybercrime group claims to have stolen knowledge on 560 million Ticketmaster customers

“It is a firm that has lots of legacy infrastructure. It’s what makes Ticketmaster doable. However that comes with lots of legacy threat,” she mentioned. “Previous software program and previous {hardware} and previous insurance policies and procedures, that every one introduces lots of extra threat.”

Britton White, who publicly says that he works in cyberthreat intelligence for an unidentified personal sector agency, posted on LinkedIn {that a} Ticketmaster software program accomplice, EPAM, had an worker account breached the place the attacker took over distant management of the sufferer’s system.

That assault technique, White mentioned in an interview, permits the attacker to keep away from multi-factor authentication defenses and bypass two-factor authentication, “stealing the session tokens and cookies. With that stage of entry, these organizations simply received’t know that they’ve been breached.”

Nevertheless, he mentioned that he couldn’t show that that was the technique of assault on this case.

Matt Harrigan, a VP at Leviathan Safety, mentioned that it was not clear whether or not the fee card knowledge supposedly stolen can be ample to permit for fraudulent transactions.

See also  Important Rust flaw permits Home windows command injection assaults

Applicable precautions

“You’ll be able to’t purchase a Ferrari with the final 4 digits of a fee card,” Harrigan mentioned, including that it appeared Ticketmaster had taken the suitable precautions to guard cardholder knowledge. 

- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular