Snowflake says it wasn't to blame for Ticketmaster breach — and its security pals agree

News
By published

Mandiant and Crowdstrike are backing Snowflake up on this one

A zoomed-in picture of a computer screen displaying a login window with a password typed in
(Image credit: Future)

Snowflake has claimed it isn't to blame for the major data breach that hit Ticketmaster, despite the company blaming it for security weaknesses.

Earlier this week, the ticket sales and distribution company reported a data breach in which sensitive information on more than 500 million users were allegedly stolen. 

Filing a data breach form with the SEC, Ticketmaster said that it “identified unauthorized activity within a third-party cloud database environment containing company data" - which an unnamed spokesperson later said related to Snowflake.

No evidence

Now, that company is denying these claims, and has brought two cybersecurity companies to back them up. 

In a forum thread posted on June 2, Snowflake representatives said an preliminary investigation, conducted by both CrowdStrike and Mandiant, suggested this was a credential stuffing attack, and not a system vulnerability being exploited:

“Our key preliminary findings identified to date:

we have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform;

we have not identified evidence suggesting this activity was caused by compromised credentials of current or former Snowflake personnel;

this appears to be a targeted campaign directed at users with single-factor authentication;

as part of this campaign, threat actors have leveraged credentials previously purchased or obtained through infostealing malware,” the announcement reads.

However, the researchers did find that one of the compromised accounts belonged to a former Snowflake employee. This was a demo account, and as such, did not contain sensitive data, or was able to grant access to such data. 

“Demo accounts are not connected to Snowflake’s production or corporate systems,” the announcement concluded. “The access was possible because the demo account was not behind Okta or Multi-Factor Authentication (MFA), unlike Snowflake’s corporate and production systems.”

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Woman shocked by online scam, holding her credit card outside
Cybercriminals used vendor backdoor to steal almost $600,000 of Taylor Swift tickets
SearchGPT OpenAI
Hackers offer 20 million OpenAI credentials for sale, but it says there's no evidence of a breach
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
US soldier pleads guilty to AT&T and Verizon cyberattacks, linked to Snowflake data theft
Password
Millions of airline customers possibly affected by OAuth security flaw
Illustration of a thief escaping with a white fingerprint
5 massive privacy scandals that rocked the world – and made millions of victims
Ransomware
Millions of hotel guest reservations leaked in Otelier data breach
Latest in Security
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Veeam urges users to patch security issues which could allow backup hacks
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Latest in News
Samsung HW-Q990D soundbar with Halloween theme over the top
Samsung promises to repair soundbars bricked by its disastrous software update for free – but it'll probably involve shipping
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
DJI Mavic 3 Pro
More DJI Mavic 4 Pro leaks seemingly reveal launch date, price and key features of the triple camera drone – here's what to expect
Android 16 logo on a phone
Here's how Android 16 will upgrade the screen unlocking process on your Pixel
Man sitting on sofa, drinking coffee, looking at phone in surprise
Thousands of coffee lovers warned to stop using their espresso machines immediately after reports of burns and lacerations
Visual Intelligence identifying a dog
AirPods with cameras for Visual Intelligence could be one of the best personal safety features Apple has ever planned – here's why
More about security
IBM office logo

IBM to provide platform for flagship cyber skills programme for girls
Hacker silhouette working on a laptop with North Korean flag on the background

North Korea unveils new military unit targeting AI attacks

Andrew Koji as Zeek pointing a gun at someone off camera.

Andrew Koji reveals Gangs of London season 3's new mysterious assassin is like 'the human Terminator' in the Sky Original series
See more latest
Most Popular
DJI Mavic 3 Pro
More DJI Mavic 4 Pro leaks seemingly reveal launch date, price and key features of the triple camera drone – here's what to expect
De'Longhi Linea Classic espresso machine on kitchen counter with hot and cold coffee drinks
I'm a qualified barista, and De'Longhi's latest espresso machine could be this year's best budget buy for coffee lovers
Man sitting on sofa, drinking coffee, looking at phone in surprise
Thousands of coffee lovers warned to stop using their espresso machines immediately after reports of burns and lacerations
Samsung HW-Q990D soundbar with Halloween theme over the top
Samsung promises to repair soundbars bricked by its disastrous software update for free – but it'll probably involve shipping
A Minecraft sheep.
Minecraft developer rejects generative AI, 'it's important that it makes us feel happy to create as humans'
Nvidia AMD
Nvidia rumors suggest it's working on two affordable GPUs to spoil AMD's party
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
Visual Intelligence identifying a dog
AirPods with cameras for Visual Intelligence could be one of the best personal safety features Apple has ever planned – here's why
Android 16 logo on a phone
Here's how Android 16 will upgrade the screen unlocking process on your Pixel
Apple iPhone 16 Review
New iPhone 17 report lends weight to rumors of major display and camera upgrades, and a pricey Apple foldable