Ticketek Data Breach

 

Another Australian company affected by a data breach late last week. PII customer data were affected by this attack. The ticketing company said in a statement that data from Ticketek Australia account holders stored on a cloud-based platform by a global third-party supplier had been affected.

The available evidence at this time indicates that, from a privacy perspective, customer names, dates of birth and email addresses may have been impacted, the company said.

Customers affected to this attack should receive an email from Ticketek directly. Some customers have already received the email. 

It appears as a common scenario that companies suffers a data-breach from third-party providers - as an example, the Nissan event.  

From within the hacking forum, the hackers claimed ownership of the attack. According to the threat actor, they used credentials stolen using information-stealing malware to breach a Snowflake employee's ServiceNow account, which they used to exfiltrate information from the company. This information included unexpired authentication tokens that could be used to create session tokens and access customer accounts to download data.

The company added that the attacks began in mid-April, with customers' data first being stolen on May 23.