
PS. I just wanted to note, this is by the same outfit also responsible for the Santander break. (Both, apparently, due to a successful breach of an upstream storage provider).-


That upstream provider being Snowflake, according to this article: https://www.hudsonrock.com/blog/snowflake-massive-breach-acc...

(posted on HN here: https://news.ycombinator.com/item?id=40534868)


There's not much press going on for this breach yet. I've never heard of Hudson Rock until I read their report about Snowflake today. Only reputable outlet I've seen make an article yet is BleepingComputer.


Makes you wonder what other big outfits that are also Snowflake customers are affected.-


Here's a list of their customers that they provide: https://www.snowflake.com/en/customers/all-customers/


Showing 0 items for me!


A few that might be dangerous. Pfizer, CMS Healthcare, PlayStation (Sony), the LA school district, KFC, Freddie Mac (sideshow bob sound...), Capital One, AT&T, Yamaha, Vanderbilt, the Superior Court of California, Square, Siemens Health, Pacific Life Insurance, Ohio Worker's Compensation, Netgear, Micron, HP, Western Union, Warner Music Group, Siemens, Juniper Networks, Forbes, Comcast, City of Tacoma (very financially transparent, cloudy even), Autodesk, and Auburn University.

Also, general informational map of those likely affected based on the Ticketmaster breach at least.

https://developer.ticketmaster.com/assets/img/products-and-d...

Also: Okta also just got hit, and had 99% of user data stolen. Might be related.

https://www.govexec.com/technology/2023/11/okta-breach-inclu...

The Snowflake breach supposedly affects up to 400 companies with a single credential exfiltration. The world wide web's starting to seem like more work than it's worth...

Also, lots of coverage. Just not front and center.

(Reuters) https://www.reuters.com/technology/cybersecurity/live-nation...

(Fox Business) https://www.foxbusiness.com/technology/hackers-claim-ticketm...

(Bloomberg) https://www.bloomberg.com/news/articles/2024-05-31/live-nati...

(FT, Santander Portion) https://www.ft.com/content/cfeec015-60b2-4106-a279-4c74fbfd4...

(Associated Press) https://apnews.com/article/ticketmaster-live-nation-data-bre...

(BBC, Santander theft, claimed link to Snowflake) https://www.bbc.com/news/articles/c6ppv06e3n8o

(CNN) https://www.cnn.com/2024/05/31/business/live-nation-ticketma...

(NBC) https://www.nbcnews.com/business/live-nation-probing-ticketm...

(CBS) https://www.cbsnews.com/video/what-to-know-about-alleged-tic...

(Bleeping Computer) https://www.bleepingcomputer.com/news/security/snowflake-acc...

(Law360) https://www.law360.com/articles/1842317/live-nation-confirms...

(TechCrunch, apparently did a secondary verification) https://techcrunch.com/2024/05/31/live-nation-confirms-ticke...

(Security Week, note that new BreachForums and post may be honeypot) https://www.securityweek.com/hackers-boast-ticketmaster-brea...

(Spiceworks, BreachForums may have ShinyHunters as admins, and ShinyHunters are suspected of being middlemen or proxies) https://www.spiceworks.com/it-security/data-security/news/ti...

(Malwarebytes, screen cap of the post from BreachForums) https://www.malwarebytes.com/blog/news/2024/05/the-ticketmas...


The amount and importance of the information in this reply merits it - somehow - being a post of its own. Bravo.-


Thanks. Mostly just got curious about how extensive the issues might be. Once I realized TechCrunch had actually tried the accounts and Ticketmaster said they were all real accounts, then it got a bit more serious. (italic emphasis mine below)

> TechCrunch on Friday obtained a portion of the allegedly stolen data containing thousands of records, including email addresses. This included several internal Ticketmaster email addresses used for testing, which are not public but appear as real Ticketmaster accounts. TechCrunch verified on Friday that the records we checked belong to Ticketmaster customers.

> TechCrunch checked the validity of these accounts by running the internal email addresses through Ticketmaster’s sign-up form. All of the accounts came back as real. (Ticketmaster displays an error if someone enters an email address that is already a real Ticketmaster account.)

In addition to the accounts working, which in itself is pretty bad, there's also the internal test accounts.


Holy care that's huge if true.

What's the biggest data hack ever?


Thanks, upvoted!


Some might say the outfit responsible for the Santander break was Santander...


How can Snowflake be upstream of Ticketmaster?

Ticketmaster surely uses Snowflake's services to store data, making it downstream of Ticketmaster's own services.


The intent of GP's comment is to imply the hack is a Snowflake hack that happens to compromise Ticketmaster data. If this was a compromise of a Ticketmaster account that managed their data at Snowflake, Snowflake would have been downstream of the original compromise.

This is a far more scary claim than OP's article, because that means there could be many more compromised customers out there that don't know it yet. It's a bit chilling, knowing some friends might be in deep shit.



