Connect with us

Hi, what are you looking for?


Data Breaches

Hacker Claims Theft of 30M User Records From Australia Ticketing Company TEG

A hacker claims to have stolen the information of 30 million users from TEG subsidiary Ticketek.

A threat actor is boasting on a hacking forum the theft of information pertaining to millions of Ticketek users, roughly three weeks after the company acknowledged a data breach.

On May 31, Ticketek Entertainment Group (TEG), an Australia-based live events and ticketing firm, announced that user account information had been compromised after hackers accessed a database stored on a cloud-based platform.

“The available evidence at this time indicates that, from a privacy perspective, customer names, dates of birth and email addresses may have been impacted,” TEG said.

The company revealed that no user accounts were compromised during the incident and that the attackers did not access payment information either, but shared no specific details on how the data breach occurred or which cloud service it was using.

However, the timing of the notification suggests that the incident might be related to the Snowflake campaign that hit roughly 165 organizations that failed to properly secure their accounts on the cloud platform.

The lack of multi-factor authentication and proper password hygiene allowed hackers to access those accounts using credentials stolen via infostealer malware from non-Snowflake owned systems. Some of the credentials had been compromised for over three years.

The link to the Snowflake campaign is supported by the fact that, late last week, a threat actor believed to be associated with the infamous hacking group ShinyHunters, claimed it was offering the information of roughly 30 million TEG customers.

According to the hacker, the allegedly stolen information would include names, email addresses, gender, customer IDs, and hashed passwords.

Advertisement. Scroll to continue reading.

Before boasting about having the Ticketek data, ShinyHunters posted on the same forum a link to data allegedly stolen from US-based ticketing firm Ticketmaster.

In late May, ShinyHunters claimed on a relaunched BreachForums portal the theft of 560 million Ticketmaster users’ data. Ticketmaster, Santander Bank, Anheuser-Busch, Allstate, Advance Auto Parts, Mitsubishi, Neiman Marcus, Progressive, and State Farm were likely impacted by the Snowflake attacks.

Related: Santander Employee Data Breach Linked to Snowflake Attack

Related: In Other News: Microsoft Email Spoofing, Snowflake Hack Ransoms, LogoFail Follow-Up

Related: Blackbaud Settles With California for $6.75 Million Over 2020 Data Breach

Related: Insurance Company Globe Life Investigating Data Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.


Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.


People on the Move

Check Point Software has appointed Nadav Zafrir as Chief Executive Officer

BlackFog has named Brenda Robb as President, John Sarantakes as CRO, and Mark Griffith as VP of Strategic Sales

Former NSA cybersecurity chief Rob Joyce has joined Sandfly Security's Advisory Board.

More People On The Move

Expert Insights