Massive Ticketmaster, Santander Data Breaches Linked to Snowflake Account Hacks
Hackers personal claimed responsibility for a broad recordsdata breach interesting Ticketmaster and Santander Financial institution, doubtlessly affecting over 590 million accounts.
The breach, linked to a Snowflake employee’s compromised credentials, has raised severe concerns regarding the safety of cloud storage services.
The breach reportedly uncovered the inside most recordsdata of 560 million Ticketmaster users and 30 million Santander customers.
The compromised recordsdata entails paunchy names, email addresses, mobile phone numbers, and hashed bank card numbers, with some recordsdata relationship wait on to the mid-2000s.
The hacker community ShinyHunters has claimed responsibility for the breach and has tried to promote the details on the dim web for $500,000.
Per cybersecurity firm Hudson Rock, the breach originated from the stolen credentials of a single Snowflake employee.
The hacker bypassed the authentication provider Okta and generated session tokens to web entry to a trove of recordsdata saved on Snowflake’s cloud platform.
This means allowed the hacker to infiltrate Ticketmaster and Santander and doubtlessly a entire bunch of pretty quite loads of Snowflake customers, along side predominant manufacturers like AT&T, HP, Instacart, DoorDash, NBCUniversal, and Mastercard.
Snowflake has disputed Hudson Rock’s findings, asserting that the breach did no longer fabricate from any vulnerability within its techniques.
“In accordance to a letter we purchased from Snowflake’s neatly suited counsel, we now personal got determined to take hold of down all jabber material connected to our anecdote,” Hudson Rock acknowledged in a assertion on Monday.
The firm acknowledged that a archaic employee’s demo account was accessed the exhaust of stolen credentials however maintained that this account did no longer comprise inspiring recordsdata.
Snowflake emphasised that its manufacturing and company techniques are safe by stringent safety features, along side multi-ingredient authentication, which weren’t in space for the demo account.
Impact on Santander and Ticketmaster
Santander confirmed that particular customer recordsdata in Spain, Chile, and Uruguay had been accessed however acknowledged that no transactional recordsdata or credentials that would enable transactions had been compromised.
The bank has notified regulators and is cooperating with legislation enforcement in its investigation.
The ticketmaster has but to verify the extent of the breach publicly. Alternatively, the cybercriminals sing to personal accessed recordsdata belonging to extra than half one thousand million customers, along side partial bank card primary factors.
The breach has keep Ticketmaster below vital scrutiny, with customers and regulators demanding answers.
The breach has highlighted the vulnerabilities connected to cloud storage services and the importance of strong safety features.
The incident has also brought attention to the hacker community ShinyHunters, which has a history of high-profile recordsdata breaches, along side these interesting Microsoft and AT&T.
The community’s actions underscore the rising threat of cyberattacks and the need for continuous vigilance and enchancment in cybersecurity practices.
The broad recordsdata breaches at Ticketmaster and Santander, linked to compromised Snowflake accounts, wait on as a stark reminder of the severe importance of cybersecurity.
Snowflake fair no longer too long within the past issued steering on identifying and stopping unauthorized client web entry to.
Source credit : cybersecuritynews.com