A hacker is promoting buyer knowledge allegedly stolen from Australian stay streaming and ticketing firm TEG on a well known hacker discussion board.
On Thursday, the hacker put the purportedly stolen TEG knowledge up on the market, claiming to have info on 30 million customers, together with full title, gender, date of beginning, username, hashed passwords and e-mail addresses.
On the finish of Might, TEG-owned ticketing firm Ticketek reported an information leak impacts Australian buyer knowledge “which is saved on a cloud platform hosted by a good international third social gathering supplier.”
The corporate stated that “not a single Ticketek buyer account was compromised” due to the encryption strategies used to retailer their passwords. TEG did, nonetheless, acknowledge that “buyer names, dates of beginning and e-mail addresses could have been affected” – knowledge that will match the info marketed on the hacker discussion board.
The hacker included a pattern of the supposedly stolen knowledge in his put up. TechCrunch confirmed that at the very least a few of the info posted on the discussion board seems to be authentic by making an attempt to register new accounts utilizing the revealed e-mail addresses. In a lot of instances, the Ticketek web site displayed an error suggesting that e-mail addresses have been already in use.
Reached by e-mail, a TEG spokesperson had no remark on the time of publication.
On its official web site, Ticketek says the corporate “sells greater than 23 million tickets yearly to greater than 20,000 occasions.”
Whereas Ticketek didn’t title the “cloud platform hosted by a good international third-party supplier,” there may be proof to counsel it may very well be Snowflake, which was on the heart of a current sequence of information thefts affecting a number of of its purchasers, together with ticket grasp, Santander Financial institution and others.
The put up is now deleted on the Snowflake web site. from January 2023 was titled: “TEG personalizes stay leisure with Snowflake.” In 2022, the consulting firm Altis revealed a case examine detailing how the corporate, working with TEG, “constructed a contemporary knowledge platform to ingest streaming knowledge into Snowflake.”
Join with us
Do you have got any further details about this incident or different violations associated to Snowflake? From a non-working machine, you may securely contact Lorenzo Franceschi-Bicchierai on Sign at +1 917 257 1382 or through Telegram, Keybase and Wire @lorenzofb, or E-mail. You can even contact TechCrunch through SecureDrop.
When contacted for touch upon the Ticketek hack, Snowflake spokesperson Danika Stanczak didn’t reply our particular questions and as an alternative referred to the corporate’s public assertion. In it, Snowflake CISO Brad Jones stated the corporate “has discovered no proof that this exercise was attributable to a vulnerability, misconfiguration or compromise of the Snowflake platform.”
A Snowflake spokesperson declined to substantiate or deny whether or not TEG or Ticketek is a Snowflake shopper.
Snowflake gives companies to corporations world wide that assist their clients retailer knowledge within the cloud. Google-owned cybersecurity firm Mandiant stated earlier this month that Cybercriminals stole “vital quantities of information” from a number of Snowflake clients. Mandiant is working with Snowflake to research the info breach and stated in a weblog put up that the 2 corporations have notified about 165 Snowflake clients.
Snowflake blamed the hacking marketing campaign on its purchasers for not utilizing multi-factor authentication, which allowed hackers to make use of passwords “beforehand bought or obtained via malware to steal info.”