Malware
Ticketmaster Alerts Customers on Recent Colossal Data Breach: Protect Your Information Now
Ticketmaster has warned customers of a recent massive data breach involving third-party supplier Inbenta Technologies. Users are urged to monitor their accounts and reset their passwords for increased security.
Imagine this: you’ve just scored tickets to see your favorite band live and you’re ecstatic. But then, you receive an email from Ticketmaster, notifying you that your personal information may have been exposed in a data breach. Sounds like a nightmare, right? Well, that’s exactly what happened to millions of Ticketmaster customers recently.
According to a data breach notification, Ticketmaster discovered that an unauthorized third party accessed a cloud database hosted by a third-party data services provider. The breach occurred between April 2, 2024, and May 18, 2024, exposing customers’ names, basic contact information, and other data depending on the user.
But, the truth is, the situation was much worse than what Ticketmaster initially reported.
The Real Story Behind Ticketmaster’s Data Breach
Last month, a hacker known as ShinyHunters started selling stolen data from Ticketmaster, claiming it contained the personal information and credit card details of 560 million users. The hacker gained access to Ticketmaster’s Snowflake account—a cloud-based data warehousing company—using compromised credentials that didn’t have multi-factor authentication enabled.
ShinyHunters began selling the data on a well-known hacking forum for $500,000, claiming that the 1.3TB of data included information on 560 million customers, ticket sales, events, customer fraud, and partial credit card information. The data contained much more than just “basic contact information,” including full names, email addresses, phone numbers, addresses, hashed credit card details, and payment amounts.
Ticketmaster eventually confirmed the breach on May 31 but downplayed its impact on the company. What’s alarming is that this breach is just one of several recent data theft attacks linked to the Snowflake database platform.
A Growing Trend in Snowflake Data Breaches
A joint investigation by Snowflake, Mandiant, and CrowdStrike revealed that a threat actor, tracked as UNC5537, used compromised customer credentials to target at least 165 organizations that didn’t have multi-factor authentication protection on their accounts. These breaches can be traced back to information-stealing malware infections from 2020.
Other recent breaches linked to these attacks include Neiman Marcus, Santander, Ticketmaster, QuoteWizard/LendingTree, Advance Auto Parts, Los Angeles Unified, and Pure Storage.
Protecting Yourself and Your Data
While Ticketmaster has offered one year of free identity monitoring to customers affected by the breach, it’s crucial for everyone to remain vigilant against identity theft and fraud. Regularly monitoring your credit history, setting up multi-factor authentication on your accounts, and staying informed about potential threats are all essential steps to take.
As for us at IT Services, we’re committed to keeping you informed and protected. We’ll continue to update you on the latest cybersecurity news and provide expert advice to help you safeguard your data. So, don’t hesitate to reach out to us with any questions or concerns and remember to keep coming back to learn more about how to stay safe in this digital world.