720-891-1663

Return to client alerts

Ticketmaster Breach Showcases SaaS Data Security Risks

Recently Ticketmaster suffered a breach that allowed a third party to get access to information of 560 million customers. Not surprisingly, Live Nation, Ticketmaster’s parent and Ticketmaster are being sued for negligence. The group claiming credit is called “ShinyHunters”. They are selling the data on the dark web for $500,000. Credit: USAToday

Not directly related to this attack is the breach of Santander Bank’s customer records. In this attack, information for about 30 million customers was stolen and sold.

But there is a common thread and that is a hosting provider named “Snowflake”. Really, that is their name. Both entities use it. It is a provider that caters to users that need to be able to manipulate large data models.

Hudson Rock, a security research firm published and then removed a report that tied both of these breaches to a compromise at Snowflake. Ticketmaster admitted that the data stolen was stored at Snowflake.

Snowflake is trying to salvage their reputation – this could be a company ending event – and said if any data was stolen it was because their customers had bad security practices and that their systems were not compromised.

Snowflake is so worried about damage to their reputation that they “suggested” to Hudson Rock that they should remove their post, which they did.

Snowflake does believe that a “limited number” of their customers may have had their data stolen but, they say, in all cases, it was their customer’s fault. The now deleted post says that the hackers may have stolen data from as many as 400 Snowflake customers. Snowflake’s CEO did admit that a limited number of their customers may have had their accounts compromised. Is 400 a limited number? Could be. Credit: The Register

But the bigger story is the overall risk of storing your information in the cloud. Cloud does not equal bad, just like in house servers are not necessarily good. It does mean that either you or your cloud service provider could be an attack target and you need to protect yourself.

Cloud is a SHARED RESPONSIBILITY MODEL. That means there is stuff you are responsible for and stuff your provider is responsible for. Most importantly, for each cloud provider you use, you need to understand who is responsible for what and it could well be that the answer is different for each provider. Credit: Dark Reading

If you need help understanding your specific shared responsibilities or need help shoring up your defenses, please contact us. Credit: Information Week