Photo by Amelia Holowaty Krales / The Verge
An alleged data breach potentially affecting as many as 560 million Ticketmaster accounts and a confirmed one for Santander Bank may have stemmed from attacks on the cloud storage accounts with a company called Snowflake. As spotted by Bleeping Computer, an investigation from cybersecurity firm Hudson Rock reports that a bad actor gained access to Ticketmaster and Santander by using the stolen credentials of a single Snowflake employee.
According to Hudson Rock, the hacker bypassed the authentication service Okta using these credentials and then generated session tokens to obtain a trove of information from Snowflake. In addition to Ticketmaster and Santander Bank, Hudson Rock suggests the hacker may have gained access to hundreds of…