Hackers have reportedly been targeting the cloud storage platform Snowflake to steal data from its hundreds of customers, which may include Ticketmaster.
(Photo : Joe Raedle/Getty Images)
Snowflake on Cybersecurity Breach
Snowflake, a Boston-based company known for providing cloud-based data storage and analytics services to numerous major brands, confirmed that it is investigating increased cyber threat activity targeting some of its customers' accounts.
This statement follows a claim by cybersecurity vendor Hudson Rock, which reported that Snowflake experienced a "massive breach" affecting up to 400 companies.
Hudson Rock discovered the incident after communicating with a hacker who allegedly accessed the data of Ticketmaster and Santander Bank. According to the cybersecurity vendor, the hacker noted that all these breaches originated from the compromise of a single vendor, Snowflake.
The hacker asserted that they breached Snowflake by acquiring login credentials from an employee's ServiceNow account, which seemed to be integrated into Snowflake's internal IT infrastructure.
This access allowed them to bypass security measures from Snowflake's single sign-on provider, Okta. After gaining entry, the hacker claimed to have generated session tokens, enabling them to extract substantial amounts of data from the company.
Hudson Rock disclosed that the hacker then attempted to extort $20 million from Snowflake but received no response from the Montana-based company.
Read Also: Live Nation Announces Support for Fair Ticketing Act Following Taylor Swift's Ticket Selling Issues
Live Nation Confirms Ticketmaster Was Hacked
Live Nation, a major player in the entertainment industry, has confirmed that its ticketing arm, Ticketmaster, experienced a security breach. According to TechCrunch, the confirmation came in a filing with government regulators late on Friday.
Live Nation said the breach involved unauthorized activity within a third-party cloud database containing company data. Although Live Nation did not disclose the name of the third-party cloud database, it is known that much of Live Nation and Ticketmaster's infrastructure is hosted on Amazon Web Services.
In its filing, the company said the breach occurred on May 20 and May 27, when a cybercriminal also offered what it alleged to be "company user data for sale via the dark web."
While Live Nation did not specify whose personal information was compromised, it is believed to relate to customers. The reason for the company's delay in publicly disclosing the breach, which took more than a week, remains unclear.
"As of the date of this filing, the incident has not had, and we do not believe it is reasonably likely to have, a material impact on our overall business operations or on our financial condition or results of operations," Live Nation said in the filing. "We continue to evaluate the risks and our remediation efforts are ongoing."
A Ticketmaster spokesperson told TechCrunch that the company's stolen data was hosted on Snowflake. However, the spokesperson did not explain how the data was extracted from Snowflake's systems.
Related Article: Ticketmaster Antitrust Lawsuit Sparks Optimism for Ticketing Startups
