What do to in aftermath of Ticketmaster and Santander breaches
Every year we see one or two major data breaches that dominate the Cybersecurity news, and 2024’s major data breach headlines appear to have just dropped. The big players this time round are Santander, Live Nation (owners of Ticketmaster) and a company most people probably haven’t heard of before until now – Snowflake.
It all kicked off in May this year when the notorious hacker group ShinyHunters posted adverts claiming to be selling the personal details of 30 million Santander customers and staff, and a whopping half a billion customer records belonging to customers of Ticketmaster. By the first day of June both Santander and Ticketmaster confirmed that, yes, customer details had been stolen, but pointed the finger at their third cloud storage company, Snowflake, as the source of the breach.
Snowflake in response claimed that while there had indeed been some misconfigurations on their platform that had allowed unauthorized access (related to a demo account) this wasn’t what led to the data breach, and it was actually certain customers (i.e. Santander, Ticketmaster) not properly securing their Snowflake accounts with multi-factor authentication that ultimately led to the unauthorized theft of customer data. That is to say, Snowflake pointed the finger right back at Santander and Ticketmaster.
But in the midst of the blame game, one thing is for certain. There are a lot of people out there who have had personal details leaked online. Again.
So first, what’s been stolen? Concerning the Santander breach, it’s bank account and credit card numbers for customers in Spain, Uruguay and Chile, but according to Santander, no information was leaked that would allow hackers to make unauthorised transactions, such as passwords or security codes.
Sponsored Content. Continued below…
For Ticketmaster, details leaked include names, addresses, phone numbers, emails and partial payment information (again, not enough to make unauthorised transactions.)
So what does this mean for you?
As with all data breaches like this, the biggest immediate threat will be targeted phishing campaigns by phone or email.
This means hackers may try and phone or email you pretending to be someone they’re not in order to try and lure you into compromising your security, such as handing over more personal information (the type of information that would allow criminals access to your hard earned money.) Phishing emails and telephone calls are par for the course these days, but in this case the crooks would be armed with personal information about you to make their schemes more convincing.
Imagine if you get a call from “your bank” and the person on the end of the line already knows your name, your address, your email and the last three digits of your bank account. That would certainly make them appear legitimate, and perhaps makes you more willing to “protect your money by transferring it to a ‘safe bank account'” (Tip: That’s always a scam. Never do that, ever.)
So as usual, in the aftermath of these large-scale data breaches that are the fault of big tech, the advice here is increased vigilance.
That means be extra sceptical of any phone calls or emails that are appear to pressure you into taking action, such as …
- Clicking a link in an email to secure your account or prevent it from being deactivated.
- Clicking a link in an email to reset your password.
- Transferring your money to a different bank account
- Giving away personal information or financial information by phone or after clicking a link on an email
- Installing software on your computer
Remember, you can always contact your bank, financial institution, Ticketmaster or any other entity of which you are a customer directly, using existing contact information you have, so you can be sure you’re really talking to them.
If you’re not sure an email is genuine, don’t engage with it, and if you’re not sure a phone call is genuine, hang up.
Read some tips about spotting phishing emails claiming to be from your bank here.