A hacker is promoting buyer knowledge allegedly stolen from the Australia-based reside occasions and ticketing firm TEG on a well known hacking discussion board.
On Thursday, a hacker put up on the market the alleged stolen knowledge from TEG, claiming to have data of 30 million customers, together with the total identify, gender, date of beginning, username, hashed passwords and electronic mail addresses.
In late May, TEG-owned ticketing firm Ticketek disclosed an information breach affecting Australian prospects’ knowledge, “which is stored in a cloud-based platform, hosted by a reputable, global third party supplier.”
The firm stated that “no Ticketek customer account has been compromised,” because of the encryption strategies used to retailer their passwords. TEG conceded, nevertheless, that “customer names, dates of birth and email addresses may have been impacted” — knowledge that may line up with that marketed on the hacking discussion board.
The hacker included a pattern of the alleged stolen knowledge of their submit. TechCrunch confirmed that at the very least a number of the knowledge printed on the discussion board seems authentic by making an attempt to join new accounts utilizing the printed electronic mail addresses. In numerous instances, Ticketek’s web site gave an error, suggesting the e-mail addresses are already in use.
When reached by electronic mail, a spokesperson for TEG didn’t remark by press time.
On its official web site, Ticketek says the corporate “sells over 23 million tickets to more than 20,000 events each year.”
While Ticketek didn’t identify the “cloud-based platform, hosted by a reputable, global third party supplier,” there’s proof that implies it might be Snowflake, which has been on the heart of a current collection of knowledge thefts affecting a number of of its prospects, together with Ticketmaster, Santander Bank and others.
A now-deleted submit on Snowflake’s web site from January 2023 was titled: “TEG Personalises Live Entertainment Experiences with Snowflake.” In 2022, consulting firm Altis printed a case research detailing how the corporate, working with TEG, “built a modern data platform for ingesting streaming data into Snowflake.”
Contact Us
Do you’ve got extra details about this incident, or different breaches associated to Snowflake? From a non-work system, you may contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or through Telegram, Keybase and Wire @lorenzofb, or electronic mail. You can also contact TechCrunch through SecureDrop.
When reached for touch upon the Ticketek breach, Snowflake spokesperson Danica Stanczak didn’t reply our particular questions, and as an alternative referred to the corporate’s public assertion. In it, Snowflake chief data safety officer Brad Jones stated that the corporate has not “identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform.”
Snowflake’s spokesperson declined to substantiate or deny whether or not TEG or Ticketek is a Snowflake buyer.
Snowflake supplies corporations all around the world with providers that assist its prospects retailer knowledge within the cloud. Cybersecurity agency Mandiant, owned by Google, stated earlier this month that cybercriminals have stolen a “significant volume of data” from a number of Snowflake prospects. Mandiant is working with Snowflake to research the information breach, and disclosed in a weblog submit that the 2 corporations have notified round 165 Snowflake prospects.
Snowflake has blamed the hacking marketing campaign on its prospects for not utilizing multi-factor authentication, which allowed hackers to make use of passwords “previously purchased or obtained through infostealing malware.”