An information breach doubtlessly affecting as many as 560 million Ticketmaster accounts and a confirmed one for Santander Financial institution might have stemmed from assaults on the cloud storage accounts with an organization referred to as Snowflake. As noticed by Bleeping Pc, an investigation from cybersecurity agency Hudson Rock stories {that a} dangerous actor gained entry to Ticketmaster and Santander through the use of the stolen credentials of a single Snowflake worker.
Based on Hudson Rock, the hacker bypassed the authentication service Okta utilizing these credentials after which generated session tokens to acquire a trove of data from Snowflake. Along with Ticketmaster — which publicly acknowledged the breach afterward Friday night — and Santander Financial institution, Hudson Rock suggests the hacker might have gained entry to a whole lot of different Snowflake prospects. Just a few of the key manufacturers that use the cloud storage service embody AT&T, HP, Instacart, DoorDash, NBCUniversal, and Mastercard.
Snowflake has seemingly disputed Hudson Rock’s findings in its most up-to-date response, saying that whereas investigating “doubtlessly unauthorized entry to sure buyer accounts,” it “noticed elevated risk exercise starting mid-April 2024 from a subset of IP addresses and suspicious purchasers we consider are associated to unauthorized entry.”
Extra particulars on these findings can be found right here, however the firm says that whereas a nasty actor accessed a “demo account” belonging to a former worker, it didn’t include delicate info. It claims that “So far, we don’t consider this exercise is attributable to any vulnerability, misconfiguration, or malicious exercise inside the Snowflake product.”
Even earlier than Ticketmaster confirmed the breach, malware tracker vx-underground stated it might assert “with a excessive diploma of confidence” that the leaked information is legit. It notes that a number of the leaked info dates again to the mid-2000s and consists of full names, emails, addresses, telephone numbers, hashed bank card numbers, and extra.
Earlier this month, Santander revealed a press release to verify that “sure info” of consumers in Chile, Spain, and Uruguay had been accessed. The Verge reached out to Ticketmaster and Santander with requests for remark however didn’t instantly hear again.
