In an SEC filing, Live Nation Entertainment confirmed its subsidiary Ticketmaster suffered a data breach, claiming it will not materially impact overall business operations.
Last week, on May 28, 2024, Hackread.com exclusively reported a significant data breach involving Live Nation Entertainment and its subsidiary Ticketmaster. This breach involved the notorious hacker or hacker group ShinyHunters, also the admin of the cybercrime forum Breach Forums. The hacker had put up the data of 560 million Ticketmaster users for sale at $500,000.
In a subsequent SEC (U.S. Securities and Exchange Commission) filing, Live Nation confirmed the data breach, validating Hackread.com’s initial report. The company’s statement filed on May 31, 2024, detailed the timeline and the nature of the breach:
“On May 20, 2024, Live Nation Entertainment, Inc. (the “Company” or “we”) identified unauthorized activity within a third-party cloud database environment containing Company data (primarily from its Ticketmaster L.L.C. subsidiary) and launched an investigation with industry-leading forensic investigators to understand what happened.”
“On May 27, 2024, a criminal threat actor offered what it alleged to be Company user data for sale via the dark web. We are working to mitigate risk to our users and the Company, and have notified and are cooperating with law enforcement. As appropriate, we are also notifying regulatory authorities and users with respect to unauthorized access to personal information. “
Live Nation Entertainment, Inc
Despite the detailed acknowledgement, the identity of the third-party cloud company involved remains undisclosed. Some rumours speculate that Snowflake Inc., a prominent cloud computing-based data cloud company, might be the implicated party.
Ticketmaster, Santander Bank Data Breach and Snowflake
It is worth noting that another confirmed data breach linked to Snowflake is the massive hack of Santander Bank by the hacking group ShinyHunters, involving 30 million user records from Spain, Chile, and Uruguay.
The stolen Santander Bank data was being sold for $1.5 million last week. However, in an exclusive statement to Hackread.com, the hacker claimed to have already sold the data for that price. This breach has raised additional concerns, despite denials from Snowflake and ShinyHunters regarding their involvement.
However, Snowflake’s internal investigations, conducted with the assistance of cybersecurity firms CrowdStrike and Google’s Mandiant, concluded that Snowflake itself was not breached.
Snowflake’s findings did reveal an unrelated security issue. A former employee’s credentials were used to access demo accounts. While these accounts did not contain sensitive data or credentials that could compromise production systems, Snowflake emphasized the importance of their security measures:
“We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform; we have not identified evidence suggesting this activity was caused by compromised credentials of current or former Snowflake personnel.”
“We did find evidence that a threat actor obtained personal credentials to and accessed demo accounts belonging to a former Snowflake employee. It did not contain sensitive data. Demo accounts are not connected to Snowflake’s production or corporate systems. The access was possible because the demo account was not behind Okta or Multi-Factor Authentication (MFA), unlike Snowflake’s corporate and production systems.”
Snowflake
Live Nation is now focusing on mitigating the risks associated with this breach. They have engaged industry-leading forensic investigators and cooperating with law enforcement and regulatory authorities. The company has also started notifying affected users.
The Ticketmaster data breach shows the critical need for vital cybersecurity measures, particularly in managing third-party cloud environments. As investigations continue, both Live Nation and Snowflake are working to ensure that such incidents do not recur.
Nevertheless, while the immediate financial impact of the breach on Live Nation appears limited, the long-term implications for user trust and regulatory scrutiny could be significant. The cybersecurity community and users alike will watch closely as more details emerge. Therefore, stay tuned, this article will be updated accordingly.
RELATED TOPICS
- Ticketmaster hacked a rival and now it’s paying a $10M fine
- Massive Cloud Database Leak Exposes 380 Million Records
- After Denial, AT&T Confirms Data Breach Affecting 73M Users
- Thousands of Stolen AnyDesk Login Credentials Sold on Dark Web
- Nissan Confirms Data Breach Affected 100K Customers, Employees