Australian ticketing giant claimed to have 30M user records stolen

TechCrunch reports that major Australian live event and ticketing company TEG had data allegedly stolen from 30 million of its users posted for sale.

Information claimed to have been exfiltrated included full names, birthdates, gender, birthdates, email addresses, usernames, and hashed passwords. Such a development comes nearly a month after Ticketek, a subsidiary of TEG, disclosed having the names, birthdates, and email addresses of its customers compromised following a breach of a third-party cloud-based platform. No details regarding the cloud-based platform were provided by Ticketek but parent firm TEG was found to have partnered with Snowflake, which has recently been embroiled in a breach that compromised nearly 165 customers, including Santander Bank, Ticketmaster, LendingTree, Advance Auto Parts, and the Los Angeles Unified School District. Snowflake, which has attributed the sweeping hacking operation to the lack of multi-factor authentication on customer environments, did not confirm nor deny having TEG or Ticketek among its customer base.