A hacker is promoting buyer knowledge allegedly stolen from the Australia-based stay occasions and ticketing firm TEG on a widely known hacking discussion board.
On Thursday, a hacker put up on the market the alleged stolen knowledge from TEG, claiming to have data of 30 million customers, together with the total identify, gender, date of start, username, hashed passwords, and e-mail addresses.
In late Might, TEG-owned ticketing firm Ticketek disclosed a data breach affecting Australian prospects’ knowledge, “which is saved in a cloud-based platform, hosted by a good, international third get together provider.”
The corporate mentioned that “no Ticketek buyer account has been compromised,” due to the encryption strategies used to retailer their passwords. TEG conceded, nonetheless, that “buyer names, dates of start and e-mail addresses might have been impacted” — knowledge that may line up with that marketed on the hacking discussion board.
The hacker included a pattern of the alleged stolen knowledge of their submit. information.killnetswitch confirmed that a minimum of a number of the knowledge revealed on the discussion board seems reliable by making an attempt to join new accounts utilizing the revealed e-mail addresses. In quite a lot of circumstances, Ticketek’s web site gave an error, suggesting the e-mail addresses are already in use.
When reached by e-mail, a spokesperson for TEG didn’t remark by press time.
On its official web site, Ticketek says the corporate “sells over 23 million tickets to greater than 20,000 occasions annually.”
Whereas Ticketek didn’t identify the “cloud-based platform, hosted by a good, international third get together provider,” there may be proof that means it may very well be Snowflake, which has been on the middle of a latest sequence of knowledge thefts affecting a number of of its prospects, together with Ticketmaster, Santander Financial institution, and others.
A now-deleted submit on Snowflake’s web site from January 2023 was titled: “TEG Personalises Stay Leisure Experiences with Snowflake.” In 2022, consulting firm Altis revealed a case examine detailing how the corporate, working with TEG, “constructed a contemporary knowledge platform for ingesting streaming knowledge into Snowflake.”
Contact Us
Do you may have extra details about this incident, or different breaches associated to Snowflake? From a non-work system, you’ll be able to contact Lorenzo Franceschi-Bicchierai securely on Sign at +1 917 257 1382, or through Telegram, Keybase and Wire @lorenzofb, or e-mail. You can also contact information.killnetswitch through SecureDrop.
When reached for touch upon the Ticketek breach, Snowflake spokesperson Danica Stanczak didn’t reply our particular questions, and as a substitute referred to the corporate’s public assertion. In it, Snowflake chief data security officer Brad Jones mentioned that the corporate has not “recognized proof suggesting this exercise was brought on by a vulnerability, misconfiguration, or breach of Snowflake’s platform.”
Snowflake’s spokesperson declined to substantiate or deny whether or not TEG or Ticketek is a Snowflake buyer.
Snowflake supplies corporations all around the world with providers that assist its prospects retailer knowledge within the cloud. Cybersecurity agency Mandiant, owned by Google, mentioned earlier this month that cybercriminals have stolen a “important quantity of knowledge” from a number of Snowflake prospects. Mandiant is working with Snowflake to research the data breach, and disclosed in a weblog submit that the 2 corporations have notified round 165 Snowflake prospects.
Snowflake has blamed the hacking marketing campaign on its prospects for not utilizing multi-factor authentication, which allowed hackers to make use of passwords “beforehand bought or obtained by way of infostealing malware.”
