\n<\/p>\n
An alleged data breach potentially affecting as many as 560 million Ticketmaster accounts<\/a> and a confirmed one for Santander Bank may have stemmed from attacks on the cloud storage accounts with a company called Snowflake. As spotted by Bleeping Computer<\/em><\/a>, an investigation from cybersecurity firm Hudson Rock<\/a> reports that a bad actor gained access to Ticketmaster and Santander by using the stolen credentials of a single Snowflake employee.<\/p>\n<\/div>\n According to Hudson Rock, the hacker bypassed the authentication service Okta using these credentials and then generated session tokens to obtain a trove of information from Snowflake. In addition to Ticketmaster and Santander Bank, Hudson Rock suggests the hacker may have gained access to hundreds of other Snowflake customers. A few of the major brands that use the cloud storage service include AT&T, HP, Instacart, DoorDash, NBCUniversal, and Mastercard.<\/p>\n<\/div>\n Snowflake has seemingly disputed Hudson Rock\u2019s findings in its most recent response, saying that<\/a> while investigating \u201cpotentially unauthorized access to certain customer accounts,\u201d it \u201cobserved increased threat activity beginning mid-April 2024 from a subset of IP addresses and suspicious clients we believe are related to unauthorized access.\u201d <\/p>\n<\/div>\n More details on those findings are available here,<\/a> but the company says that while a bad actor accessed a \u201cdemo account\u201d belonging to a former employee, it didn\u2019t contain sensitive information. It claims that \u201cTo date, we do not believe this activity is caused by any vulnerability, misconfiguration, or malicious activity within the Snowflake product.\u201d<\/p>\n<\/div>\n Ticketmaster still has yet to confirm any breach, but malware tracker vx-underground<\/a> says it can assert \u201cwith a high degree of confidence\u201d that the leaked data is legitimate. It notes that some of the leaked information dates back to the mid-2000s and includes full names, emails, addresses, phone numbers, hashed credit card numbers, and more.<\/p>\n<\/div>\n