Ticketmaster has began to inform prospects who had been impacted by a data breach after hackers stole the corporate’s Snowflake database, containing the information of hundreds of thousands of individuals.
“Ticketmaster just lately found that an unauthorized third celebration obtained info from a cloud database hosted by a third-party knowledge providers supplier,” reads a data breach notification shared with the Workplace of the Maine Lawyer Normal.
“Based mostly on our investigation, we decided that the unauthorized exercise occurred between April 2, 2024, and Could 18, 2024. On Could 23, 2024, we decided that a few of your private info might have been affected by the incident. Now we have not seen any further unauthorized exercise within the cloud database since we started our investigation.”
Ticketmaster says that the breach uncovered prospects’ names, primary contact info, and “<additional>” info, which is completely different relying on the consumer.
The corporate recommends prospects “stay vigilant” towards identification theft and fraud and has provided one 12 months of free identification monitoring to trace their credit score historical past.
Whereas Ticketmaster lazily mentioned the breach solely impacted greater than 1000 individuals (“>1000”), it truly impacted hundreds of thousands of consumers worldwide and uncovered what many would contemplate far more delicate info.
Ticketmaster’s Snowflake knowledge theft assault
Final month, a menace actor generally known as ShinyHunters started promoting stolen knowledge from Stay Nation/Ticketmaster, claiming it contained the non-public info and bank card info of 560 million customers.
The menace actors used compromised Ticketmaster credentials that didn’t have multi-factor authentication enabled to steal the information from their Snowflake account.
Snowflake is a cloud-based knowledge warehousing firm utilized by the enterprise to retailer databases, course of knowledge, and carry out analytics.
ShinyHunters started promoting the information on Could 28 on a widely known hacking discussion board for $500,000. The menace actor claimed that the information was 1.3TB and contained info for 560 million prospects, ticket gross sales, occasion info, buyer fraud, and partial bank card info.
Supply: BleepingComputer
Samples of the information seen by BleepingComputer contained extra than simply “primary contact info,” together with full names, e mail addresses, telephone numbers, addresses, hashed bank card particulars, and cost quantities.
After remaining silent for days, Ticketmaster ultimately confirmed the breach on Could 31, in a Friday night SEC submitting, stating that they didn’t consider the breach would have a fabric influence on their firm.
Ticketmaster’s breach is certainly one of many current knowledge theft assaults linked to the Snowflake database platform.
A joint investigation by SnowFlake, Mandiant, and CrowdStrike revealed {that a} menace actor, tracked as UNC5537, used compromised buyer credentials to focus on a minimum of 165 organizations that had not configured multi-factor authentication safety on their accounts.
To breach Snowflake accounts, the menace actor used credentials stolen by information-stealing malware infections relationship again to 2020.
Latest breaches linked to those assaults embrace Neiman Marcus, Santander, Ticketmaster, QuoteWizard/LendingTree, Advance Auto Elements, Los Angeles Unified, and Pure Storage.
