A threat actor is boasting on a hacking forum the theft of information pertaining to millions of Ticketek users, roughly three weeks after the company acknowledged a data breach.
On May 31, Ticketek Entertainment Group (TEG), an Australia-based live events and ticketing firm, announced that user account information had been compromised after hackers accessed a database stored on a cloud-based platform.
“The available evidence at this time indicates that, from a privacy perspective, customer names, dates of birth and email addresses may have been impacted,” TEG said.
The company revealed that no user accounts were compromised during the incident and that the attackers did not access payment information either, but shared no specific details on how the data breach occurred or which cloud service it was using.
However, the timing of the notification suggests that the incident might be related to the Snowflake campaign that hit roughly 165 organizations that failed to properly secure their accounts on the cloud platform.
The lack of multi-factor authentication and proper password hygiene allowed hackers to access those accounts using credentials stolen via infostealer malware from non-Snowflake owned systems. Some of the credentials had been compromised for over three years.
The link to the Snowflake campaign is supported by the fact that, late last week, a threat actor believed to be associated with the infamous hacking group ShinyHunters, claimed it was offering the information of roughly 30 million TEG customers.
According to the hacker, the allegedly stolen information would include names, email addresses, gender, customer IDs, and hashed passwords.
Before boasting about having the Ticketek data, ShinyHunters posted on the same forum a link to data allegedly stolen from US-based ticketing firm Ticketmaster.
In late May, ShinyHunters claimed on a relaunched BreachForums portal the theft of 560 million Ticketmaster users’ data. Ticketmaster, Santander Bank, Anheuser-Busch, Allstate, Advance Auto Parts, Mitsubishi, Neiman Marcus, Progressive, and State Farm were likely impacted by the Snowflake attacks.
Related: Santander Employee Data Breach Linked to Snowflake Attack
Related: In Other News: Microsoft Email Spoofing, Snowflake Hack Ransoms, LogoFail Follow-Up
Related: Blackbaud Settles With California for $6.75 Million Over 2020 Data Breach
Related: Insurance Company Globe Life Investigating Data Breach
