A hacker is selling customer information allegedly stolen from Australian live events and ticketing company TEG on a prominent hacking forum.
On Thursday, a hacker offered data allegedly stolen from TEG, claiming to have information on 30 million customers, including full names, genders, dates of birth, usernames, hashed passwords and email addresses.
In late May, TEG's ticketing company Ticketek disclosed a data breach affecting Australian customer information “which was stored in a cloud platform hosted by a reputable global third-party supplier.”
The company said that “no Ticketek customer accounts had been compromised” because of the encryption technique used to store passwords. However, TEG admitted that “customer names, dates of birth and email addresses could have been affected”, data consistent with what was advertised on the hacking forum.
The hacker included a sample of the allegedly stolen material in his post. TechCrunch confirmed that at least some of the data posted on the forum appears to be legitimate by attempting to register a new account using a published email address. In many cases, Ticketek's website displayed an error stating that the email address is already in use.
As of press time, a TEG spokesperson had not commented when reached by email.
Ticketek says on its official website that the company “sells more than 23 million tickets for more than 20,000 events yearly.”
While Ticketek did not reveal the name of the “cloud-based platform hosted by a reputable global third-party vendor,” evidence suggests it could be Snowflake, which was at the center of a recent series of data thefts that affected a number of its customers.
A January 2023 post on the Snowflake website titled “TEG creates personalised live entertainment experiences with Snowflake” has now been deleted. In 2022, consulting firm Altis published a case study detailing how the company worked with TEG to “build a modern data platform for bringing streaming data to Snowflake.”
When we reached Snowflake spokesperson Danica Stanczak for comment on the Ticketek breach, she did not answer our specific questions and instead referred to the company's public statement. In it, Snowflake chief information security officer Brad Jones said that the company has not “found evidence that this activity was caused by a vulnerability, misconfiguration or breach of the Snowflake platform.”
A spokesperson for Snowflake declined to confirm or deny whether TEG or Ticketek are Snowflake customers.
Snowflake provides services to companies around the world that help their customers store data in the cloud. Google-owned cybersecurity firm Mandiant said earlier this month that cybercriminals had stolen “significant quantities of data” from several Snowflake customers. Mandiant is working with Snowflake to investigate the data breach and revealed in a blog post that the two companies have notified roughly 165 Snowflake customers.
Snowflake blamed the hack on its customers not using multi-factor authentication, which allowed hackers to use passwords “previously purchased or obtained through information-stealing malware.”