Massive Ticketmaster, Santander data breaches linked to Snowflake cloud storage
What method did the hacker use to gain access to Ticketmaster and Santander Bank accounts?
The hacker gained access to Ticketmaster and Santander Bank accounts by using the stolen credentials of a single Snowflake employee. Snowflake is a cloud storage company used by these organizations. The hacker bypassed the authentication service Okta using these stolen credentials and then generated session tokens to obtain a trove of information from Snowflake. This method potentially gave them access to hundreds of other Snowflake customers as well.
How many Ticketmaster accounts are potentially affected by the data breach?
The data breach at Ticketmaster potentially affects as many as 560 million accounts. The breach was allegedly carried out by a hacking group called ShinyHunters, who claimed responsibility and attempted to sell the stolen data on the dark web for $500,000. The breach reportedly included personal information such as full names, email addresses, phone numbers, and payment information. However, it is important to note that Ticketmaster has not confirmed the breach at the time of writing.
Which authentication service did the hacker bypass using stolen credentials from a Snowflake employee?
The hacker bypassed the authentication service Okta using stolen credentials from a Snowflake employee.