Sunday, December 22, 2024

Warning for iGaming After Cloud Storage Company Data Breach

Must read

A warning has been sounded for UK iGaming operators following data breaches to Santander and Ticketmaster.

The black-hat criminal hacker group Shiny Hunters believed to have formed in 2020 is said to have been involved in the data breaches.

The breach includes payment information of millions of Santander and Ticketmaster customers. The stolen information is often sold on the dark web.

What Claims Have Been Made Over Hacking? 

  • Shiny Hunters claims to have breached Ticketmaster and Santander through Snowflake accounts.
  • Hugging Face says Spaces platform was breached. 
  • CISA adds two vulnerabilities to the KEV catalogue.
  • Live Nation confirms it sustained a data breach through a “third-party cloud database environment.”
  • BleepingComputer reports Shiny Hunters is selling the data on a hacking forum, claiming to have stolen personal information belonging to 560 million customers.
  • Santander apologises to customers and employees.
  • UK customer data was not affected or lost in the hack. 
  • Chile, Spain and Uruguay customers and staff data accessed.
  • Shiny Hunters claims to have gained access to the Ticketmaster and Santander data after hacking an employee’s account at cloud storage company Snowflake.
  • Snowflake disputes claim.
  • Santander issues statement.

Santander has said in a statement that, following an investigation, they found that

“Customers of Santander in Chile, Spain and Uruguay, as well as all current and some former Santander employees of the group had been accessed.”

Hackers Claim to Have Stolen Data of Millions of People 

ShinyHunters post advert saying they had data, including:

  • 30 million people’s bank account details 
  • 6 million account numbers and balances 
  • 28 million credit card numbers 
  • HR information for staff 

These claims have not been confirmed or commented on by Santander.

The Australian Cyber Security Centre on Saturday issued an alert warning of “increased cyber threat activity regarding Snowflake customers.”

Latest article