A hacker is promoting buyer information allegedly stolen from the Australia-based stay occasions and ticketing firm TEG on a well known hacking discussion board.
On Thursday, a hacker put up on the market the alleged stolen information from TEG, claiming to have info of 30 million customers, together with the total title, gender, date of start, username, hashed passwords and electronic mail addresses.
In late Could, TEG-owned ticketing firm Ticketek disclosed an information breach affecting Australian clients’ information, “which is saved in a cloud-based platform, hosted by a good, international third celebration provider.”
The corporate mentioned that “no Ticketek buyer account has been compromised,” due to the encryption strategies used to retailer their passwords. TEG conceded, nonetheless, that “buyer names, dates of start and electronic mail addresses might have been impacted” — information that may line up with that marketed on the hacking discussion board.
The hacker included a pattern of the alleged stolen information of their publish. TechCrunch confirmed that not less than a few of the information revealed on the discussion board seems professional by trying to join new accounts utilizing the revealed electronic mail addresses. In a lot of instances, Ticketek’s web site gave an error, suggesting the e-mail addresses are already in use.
When reached by electronic mail, a spokesperson for TEG didn’t remark by press time.
On its official web site, Ticketek says the corporate “sells over 23 million tickets to greater than 20,000 occasions annually.”
Whereas Ticketek didn’t title the “cloud-based platform, hosted by a good, international third celebration provider,” there may be proof that implies it may very well be Snowflake, which has been on the heart of a current sequence of information thefts affecting a number of of its clients, together with Ticketmaster, Santander Financial institution and others.
A now-deleted publish on Snowflake’s web site from January 2023 was titled: “TEG Personalises Reside Leisure Experiences with Snowflake.” In 2022, consulting firm Altis revealed a case examine detailing how the corporate, working with TEG, “constructed a contemporary information platform for ingesting streaming information into Snowflake.”
Contact Us
Do you will have extra details about this incident, or different breaches associated to Snowflake? From a non-work machine, you possibly can contact Lorenzo Franceschi-Bicchierai securely on Sign at +1 917 257 1382, or by way of Telegram, Keybase and Wire @lorenzofb, or electronic mail. You can also contact TechCrunch by way of SecureDrop.
When reached for touch upon the Ticketek breach, Snowflake spokesperson Danica Stanczak didn’t reply our particular questions, and as a substitute referred to the corporate’s public assertion. In it, Snowflake chief info safety officer Brad Jones mentioned that the corporate has not “recognized proof suggesting this exercise was brought on by a vulnerability, misconfiguration, or breach of Snowflake’s platform.”
Snowflake’s spokesperson declined to substantiate or deny whether or not TEG or Ticketek is a Snowflake buyer.
Snowflake offers firms all around the world with companies that assist its clients retailer information within the cloud. Cybersecurity agency Mandiant, owned by Google, mentioned earlier this month that cybercriminals have stolen a “important quantity of information” from a number of Snowflake clients. Mandiant is working with Snowflake to analyze the information breach, and disclosed in a weblog publish that the 2 firms have notified round 165 Snowflake clients.
Snowflake has blamed the hacking marketing campaign on its clients for not utilizing multi-factor authentication, which allowed hackers to make use of passwords “beforehand bought or obtained by way of infostealing malware.”
