Hacker claims to have obtained records of 30 million customers of Australian ticket selling giant TEG

Date:

A hacker has advertised customer data allegedly stolen from Australia-based live events and ticketing company TEG on a well-known hacking forum.

On Thursday a hacker put up for sale data allegedly stolen from TEG, claiming he had information on 30 million users, including full names, genders, dates of birth, usernames, hashed passwords and email addresses.

In late May, TEG-owned ticketing company Ticketek disclosed a data breach affecting Australian customer data “stored on a cloud-based platform hosted by a reputable, global third party supplier.”

The company said that “no customer accounts of Ticketek have been compromised”, due to the encryption methods used to store their passwords. However, TEG admitted that “customer names, dates of birth and email addresses may have been affected” – data that would be consistent with the data advertised on hacking forums.

The hacker included a sample of the allegedly stolen data in his post. TechCrunch confirmed that at least some of the data published on the forum appears to be legitimate by attempting to sign up for new accounts using the published email addresses. In many cases, TikTech’s website returned an error indicating that the email addresses were already in use.

When contacted via email, a TEG spokesperson did not offer any comment till the time of going to press.

On its official site, Ticketek says the company “sells over 23 million tickets to more than 20,000 events each year.”

While Ticketek did not name the “cloud-based platform hosted by a reputable, global third party supplier,” there is evidence to suggest it may be Snowflake, which has recently been at the center of a series of data breaches affecting several of its customers, including Ticketmaster, Santander Bank and others.

A now-deleted post on Snowflake’s website from January 2023 was titled: “TEG personalizes live entertainment experiences with Snowflake.” In 2022, consulting company Altice published a case study detailing how the company worked with TEG to “build a modern data platform to incorporate streaming data into Snowflake.”

Contact

Do you have more information about this incident or other Snowflake-related breaches? From a non-working device, you can securely contact Lorenzo Franceschi-Bicchierai on Signal at +1 917 257 1382 or via Telegram, Keybase, and Wire @lorenzofb or via email. You can also contact TechCrunch via SecureDrop.

When contacted for comment on the TikTek breach, Snowflake spokeswoman Danica Stanczak did not answer our specific questions, and instead referred to the company’s public statement. In it, Snowflake’s Chief Information Security Officer Brad Jones said the company “has not identified evidence that suggests this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform.”

A Snowflake spokesperson declined to confirm or deny whether TEG or Tiketek are Snowflake customers.

Snowflake provides services to companies around the world that help its customers store data in the cloud. Google-owned cybersecurity firm Mandiant said earlier this month that cybercriminals stole “a significant amount of data” from several of Snowflake’s customers. Mandiant is working with Snowflake to investigate the data breach, and revealed in a blog post that the two companies have notified about 165 Snowflake customers.

Snowflake has blamed its customers for not using multi-factor authentication for the hacking campaign, allowing the hackers to use “passwords previously purchased or obtained through information-stealing malware.”

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Share post:

Subscribe

spot_imgspot_img

Popular

More like this
Related

E-fuels startup Ather Fuels is raising $34.3 million, according to filing

According to SEC filings, Ather Fuels has raised $30.4...

Best Internet Providers in Chesapeake, Virginia

What is the best Internet provider in Chesapeake?Verizon Fios...

DNSSYS X1 Exoskeleton review: A great idea that needs further refinement

He was initially skeptical, especially on the flat slopes,...