On a outstanding hacking discussion board, a hacker is promoting buyer knowledge allegedly stolen from Australian ticketing and stay occasions firm TEG.
On Thursday, a hacker put the allegedly stolen knowledge from TEG up on the market, claiming to have data on 30 million customers, together with full identify, gender, date of delivery, username, hashed passwords and e-mail addresses.
In late Could, TEG-owned ticketing firm Ticketek disclosed a leak of Australian buyer knowledge “saved on a cloud platform hosted by a good international third social gathering”.
The corporate mentioned that “not a single Ticketek buyer account has been compromised,” because of the encryption strategies used to retailer their passwords. TEG, nonetheless, admitted that “buyer names, dates of delivery and e-mail addresses could have been affected” – particulars that match these marketed on the hacking discussion board.
The hacker included a pattern of the alleged stolen knowledge in his publish. TechCrunch has confirmed that no less than a number of the knowledge posted on the discussion board seems to be reliable when attempting to join new accounts utilizing posted e-mail addresses. In quite a few instances, the Ticketek web site gave an error suggesting that e-mail addresses have been already in use.
A TEG spokesperson had no remark by press time by way of e-mail.
On its official web site, Ticketek studies that the corporate “sells greater than 23 million tickets to greater than 20,000 occasions annually.”
Though Ticketek didn’t identify the “cloud platform hosted by a good international third-party supplier”, there may be proof to counsel that it could be Snowflake, which has been on the middle of a latest collection of knowledge breaches affecting a number of its purchasers embrace Ticketmaster, Santander Financial institution and others.
A now-deleted publish on Snowflake’s web site from January 2023 was titled, “TEG Personalizes Reside Leisure Experiences with Snowflake.” In 2022, consulting agency Altis revealed a case examine detailing how the corporate, working with TEG, “created a state-of-the-art knowledge platform for ingesting streaming knowledge in Snowflake.”
Contact us
Do you’ve extra details about this incident or different violations involving Snowflake? From a non-working gadget, you may safely contact Lorenzo Franceschi-Biccherai on Sign at +1 917 257 1382, by way of Telegram, Keybase and Wire @lorenzofb, or by e-mail. You may also contact TechCrunch by way of SecureDrop.
Snowflake spokeswoman Danika Stanczak didn’t reply to our particular questions, however referred to the corporate’s public assertion. In it, Snowflake’s chief data safety officer Brad Jones mentioned the corporate had “recognized no proof that this exercise was brought on by a vulnerability, misconfiguration, or breach of the Snowflake platform.”
A spokesperson for Snowflake declined to substantiate or deny whether or not TEG or Ticketek are Snowflake prospects.
Snowflake supplies providers to firms all over the world that assist prospects retailer knowledge within the cloud. Google-owned cybersecurity agency Mandiant mentioned earlier this month that cybercriminals had stolen a “vital quantity of knowledge” from a number of Snowflake prospects. Mandiant is working with Snowflake to research the info breach, and mentioned in a weblog publish that the 2 firms notified about 165 Snowflake prospects.
Snowflake accused its prospects of a hacking marketing campaign for failing to make use of multi-factor authentication, which allowed hackers to make use of passwords “beforehand bought or obtained via information-stealing malware.”
