Ticketek, Australia’s largest live events ticketing company, has had the data of almost thirty million subscribers compromised in a recent cyberattack by the ShinyHunters organisation. The criminal gang uploaded this information to a dark web site and claimed responsibility for the intrusion.
In late May, Ticketek Entertainment Group (TEG) announced that it had discovered the breach and that the data had been obtained via an unidentified third-party cloud service. Customer names, dates of birth, and email addresses are among the compromised data. TEG did, however, guarantee that neither user accounts nor payment information had been accessed during the incident.
This hack is notably similar to one involving Ticketmaster that was discovered in the first part of June. In the Ticketmaster case, ShinyHunters disclosed details pertaining to 560 million customers on the BreachForums underground market. Researchers soon identified a hacked Snowflake account as the third-party cloud source of the intrusion. This incident was part of a bigger cyberattack that targeted other organisations’ inadequately secured Snowflake accounts.
Researchers found that up to 165 organisations were impacted by the larger effort, including well-known brands like Advance Auto Parts and possibly Santander Bank. The attackers used credentials from earlier breaches and took advantage of cloud accounts without multifactor authentication (MFA). Some of these passwords had not been changed for as long as three years, which revealed serious security flaws.
TEG denies any link between the Ticketek hack and Snowflake or ShinyHunters.
Although the two cases bear similarities, TEG has not acknowledged that the Ticketek hack had anything to do with Snowflake or ShinyHunters. However, a case study from 2022 revealed Snowflake to be TEG’s technological partner, sparking more uncertainty among experts. The specifics and people involved remain unknown, as neither TEG nor Snowflake has responded to requests for comment.
The incident highlights the continuous vulnerabilities in cloud security, especially for companies that do not use strong security controls like multifactor authentication. Using old passwords worsens these vulnerabilities even more, making it simpler for hackers to take advantage of them. Organisations need to bolster their cybersecurity processes in light of the growing frequency of cyberattacks. They should also make sure that strong and current authentication procedures protect all cloud accounts.
Ultimately, ShinyHunters’ Ticketek hack is a reminder of how crucial cloud security is. TEG has responded to the intrusion by taking action, but the incident nonetheless brings attention to the larger problem of cyber vulnerabilities in the digital age. To safeguard sensitive consumer data and stop future attacks, organisations need to give cybersecurity top priority.
The continuing investigation, and any connections to Snowflake, will probably provide further insights into how such breaches might be avoided.