Sun, June 16, 2024

Major Cybersecurity Breaches Hit Ticketmaster and Santander

Cyberattack -decentralized finance platform, snowflake

Quick Look:

  • Hackers compromised 560 million customers’ data via a third-party cloud database.
  • Sensitive data of 30 million individuals and millions of bank account details were stolen.
  • Snowflake is intensifying security, working with CrowdStrike and Mandiant, and pushing for multifactor authentication.

On Friday, Live Nation’s Ticketmaster confirmed a significant personal information data breach. The leakage compromised the personal information of approximately 560 million customers. The breach occurred through a third-party cloud database environment, believed to be orchestrated by the notorious hacking group Shiny Hunters. The stolen data was later found on a hacking forum, raising substantial security concerns.

Snowflake Responds to Ticketmaster Breach

Snowflake, a company involved in the incident, commented on the breach. The company indicated that the attack seemed specifically aimed at single-factor authentication users. They assured stakeholders that there was no evidence of a vulnerability or misconfiguration in Snowflake’s platform contributing to the breach. Meanwhile, cybersecurity firm Hudson Rock took prompt action to remove the report from online forums to mitigate further risks.

Santander Bank also fell victim to Shiny Hunters, with the hackers allegedly stealing vast amounts of sensitive data. The compromised information included bank details of 30 million individual account numbers and balances for 6 million accounts. Besides, it obtained credit card numbers for 28 million customers. The severity of this breach highlights the persistent and evolving threat posed by cybercriminal groups.

Hackers Target Snowflake Customers: Hundreds of Passwords Exposed

The incidents extended beyond Ticketmaster and Santander, affecting several other companies like Advance Auto Parts and LendingTree. Hackers targeted Snowflake customer accounts, exposing hundreds of customer passwords using infostealer malware. This type of malware, designed to harvest sensitive information, has seen a surge in usage, driven by its effectiveness in compromising data such as credit card numbers, web browser activities, and bank account information. According to Flashpoint Inc., the demand for such malware is rising, with monthly subscriptions priced at around $250.

Snowflake Bolsters Security with CrowdStrike and Mandiant

Recognising the gravity of these breaches, Snowflake has intensified its security protocols. Moreover, the company works closely with renowned cybersecurity firms CrowdStrike and Mandiant to bolster their defences. They have urged customers to adopt multifactor authentication (MFA). Currently, they are in the process of developing a plan to mandate MFA for all users.

The US Cybersecurity and Infrastructure Security Agency and the Australian Cyber Security Centre have issued alerts regarding the breaches. These agencies recommend enhanced cybersecurity practices to counteract the threats associated with the Snowflake incident.

Snowflake has also made it clear through various communications that the hackers exploited single-factor authentication vulnerabilities using infostealer malware or purchased credentials and that there is no evidence of any inherent vulnerabilities in their platform.

Shiny Hunters’ High-Profile Attacks Increase Since 2020

The Shiny Hunters group, active since 2020, has a history of high-profile attacks on companies such as Microsoft, Mashable, and Bonobos. Their recent activities underscore the growing sophistication and audacity of cyber criminals. As organisations rely on cloud-based solutions, robust cybersecurity measures become increasingly critical to safeguard sensitive data and maintain user trust.

The recent breaches at Ticketmaster and Santander Bank underscore the persistent and evolving threat of cybercrime. With personal and financial data at stake, organisations must adopt stringent security measures, including multifactor authentication, to protect against sophisticated hacking groups like Shiny Hunters. Collaborative efforts with cybersecurity firms and adherence to recommendations from governmental cybersecurity agencies are essential steps in fortifying defences against future attacks.

YOU MAY ALSO LIKE

Stocks

Quick Look: Bilibili Inc. (NASDAQ: BILI) saw an 8.48% rise to $15.61,

Tractable raises $60M to grow in accident - robot recovery

Quick Look: Ray Kurzweil predicts significant lifespan extension and human-AI integration by

Gold

Quick Look: Gold (XAU) reached a record high in May 2024, with

COMMENTS

Leave a Comment

Your email address will not be published. Required fields are marked *

User Review
  • Support
    Sending
  • Platform
    Sending
  • Spreads
    Sending
  • Trading Instument
    Sending

BROKER NEWS

Zenfinex Reports Revenue Surge but Faces Operating Losses

London-based broker Zenfinex, now operating as Taurex, has exposed its fiscal year 2023 financial results, which paint a complex picture of its economic situation. Zenfinex’s Fiscal Overview Zenfinex Limited’s revenue hit £848,306, a

BROKER NEWS

Broker News

Zenfinex Reports Revenue Surge but Faces Operating Losses

London-based broker Zenfinex, now operating as Taurex, has exposed its fiscal year 2023 financial results, which paint a complex picture of its economic situation. Zenfinex’s Fiscal Overview Zenfinex Limited’s revenue hit £848,306, a significant