AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 6/3/2024

Cloud company Snowflake denies that reported breach originated with its products 

The cloud storage provider Snowflake is denying that its products were to blame for an apparent data breach impacting the company’s clients, including Ticketmaster and Santander Bank. This week, hackers with the ShinyHunters group claimed to have stolen personal data belonging to 560 million Ticketmaster customers and 30 million Santander customers. On Friday, researchers at the firm Hudson Rock published an analysis of online interactions with hackers who claimed they had breached Snowflake’s system to steal a huge trove of data from the two companies, among others yet to be named. The hackers had put the data up for sale on the Russian language cybercrime forum, exploit[.]in. 

 

Ticketmaster confirms massive breach after stolen data for sale online 

Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake. “On May 20, 2024, Live Nation Entertainment, Inc. (the “Company” or “we”) identified unauthorized activity within a third-party cloud database environment containing Company data (primarily from its Ticketmaster LLC subsidiary) and launched an investigation with industry-leading forensic investigators to understand what happened,” Live Nation shared in a Friday night SEC filing. “On May 27, 2024, a criminal threat actor offered what it alleged to be Company user data for sale via the dark web.” 

 

Senator Urges FTC, SEC to Investigate UHG’s Cyberattack 

U.S. Sen. Ron Wyden, D-Ore., is urging the U.S. Securities and Exchange Commission and the Federal Trade Commission to open investigations into the February cyberattack on UnitedHealth Group’s Change Healthcare unit and asking the agencies to hold the company’s CEO and board responsible. In a letter to the SEC and FTC on Thursday, Wyden – who is chair of the Senate Finance Committee – urged the agencies to scrutinize UnitedHealth Group’s “negligent cybersecurity practices” and said the attack on Change Healthcare “caused substantial harm to consumers, investors, the healthcare industry and U.S. national security.” 

 

Police dismantle pirated TV streaming network that made $5.7 million 

Spanish police have dismantled a network of illegal media content distribution that, since the start of its operations in 2015, has made over $5,700,000. The investigation began in November 2022 following a complaint submitted by the Alliance for Creativity and Entertainment (ACE), which reported two web pages for violations of intellectual property rights. Those sites hosted the illegal IPTV service ‘TVMucho,’ also known as ‘Teeveeing,’ which, according to ACE, had over 4 million visits in 2023. 

 

Identities of Cybercriminals Linked to Malware Loaders Revealed 

Authorities in Europe have revealed the identities of eight individuals linked to several malware loader families that were disrupted last week as part of Operation Endgame. The suspects are wanted for their involvement in the distribution and administration of Bumblebee, IcedID, Pikabot, Smokeloader, SystemBC, and Trickbot, which have been used for years to steal user data, distribute other malware families, and facilitate phishing and other malicious activities.
