A few days ago, an unknown group of cybercriminals stole 560 million TicketMaster accounts, and 68 million accounts of 30 million clients, from Banco de Santander. It seems that these hacks are related to the Snowflake cloud storage service.
The security firm Hudson Rock has published a comprehensive and controversial report, which it has later withdrawn. In the report he describes a theft of credentials from a Snowflake employeewhich would have allowed access to TicketMaster and Santander data.
But Snowflake assures that there have been no security breachesbut bad practices of the victims.
The hacking of TicketMaster and Santander through Snowflake
TicketMaster is the world’s leading online ticketing company. Santarder is one of the most important Spanish banks.
Both entities stored their customers’ data in cloud services such as Snowflake. Dozens of top companies do it too: Adobe, AT&T, HP, Instacart, Mastercard, NBC Universal, PepsiCo, Siemens, Yamaha, and many others.
This means that if Hudson Rock’s research is true, dozens of companies, in addition to TicketMaster and Santander, were also compromised.
As Hudson Rock explains, via Bleeping Computer, Cybercriminals stole the login account of a Snowflake employee using malware, and were able to access your ServiceNow account.
Through this access, they generated tokens with which they could enter the TicketMaster and Santander accounts, and steal their clients’ data.
Hudson Rock claims that the hackers have contacted them, and have shown them more than 2,000 customer data. They also claim to have the credentials of companies such as Anheuser-Busch, State Farm, Mitsubishi, Progressive, Neiman Marcus, Allstate, and Advance Auto Parts.
According to these unidentified alleged cybercriminals, They have asked Snowflake for $20 million to return the databut they have not received a response.
Snowflake, for its part, has recognized the gapbut assures that it was not due to the theft of an employee’s account, but due to poor security practices of the victims:
“To date, we do not believe this activity is caused by any vulnerability, misconfiguration, or malicious activity within the Snowflake product. Throughout our ongoing investigation, we have promptly informed the limited number of customers we believe may have been affected. “.
The massive hack of TicketMaster and Santander has stolen the personal data of hundreds of millions of customers, including names, addresses, and account activities. If you are a client of these entities, change your passwords, and be careful with possible phone calls and emails that use your data, they could be a scam attempt.
Known how we work on Computertoday.
Tags: cybercriminals, hackers
