Ticketmaster breached, Ticketek Australia breached, HHS notification change

Published: Jun 02, 2024 Duration: 00:07:40 Category: Science & Technology

From the CISO Series, it's Cyber Security Headlines. These are the cyber security headlines for Monday, June 3rd, 2024. I'm Steve Prentice.

Ticketmaster hack affects 560 million customers, third party denies liability. The attack, which occurred on May 20th, has been confirmed by its parent company Live Nation as having been the result of "unauthorized activity within a third-party cloud database environment containing company data." The data, which is alleged to contain PII and partial payment details of up to 560 million customers, was put up for sale a week later by the threat actor ShinyHunters if a ransom payment of over $500,000 was not made. This, by the way, is the same threat actor group that breached the Spanish bank Santander around the same time. Meanwhile, the third-party vendor in question, cloud storage provider Snowflake, has denied that its products were to blame for the Ticketmaster breach, or the Santander bank breach for that matter. According to a since-removed post on the website of security firm Hudson Rock, "The intruders were able to sign into a Snowflake employee's ServiceNow account using stolen credentials and from there were able to generate session tokens." However, Snowflake, while acknowledging that a former employee's demo account was accessed through stolen credentials, said it did not contain sensitive data and that there was "no pathway for customers' credentials to be accessed and exfiltrated from the Snowflake production environment."

Australia's Ticketek sees customer details exposed in cyber security breach. Separate from the Ticketmaster breach story comes a breach of personal data from the Australian company Ticketek, which operates ticketing operations for entertainment and sporting events in Australia and New Zealand. This company has also been "hit by a cyber incident with personal information of Australian customers stolen from a third-party global cloud-based platform." When asked by The Guardian news outlet whether the third-party vendor in question was Snowflake, representatives from Ticketek remained tight-lipped. They did add, however, that Ticketek customer credit card information and transactions are processed via a separate payment system which has not been impacted.

HHS changes tack and allows Change Healthcare to file breach notifications for others. This reversal from the Department of Health and Human Services is an update from an April 19th FAQ page that stated that every organization affected by the Change Healthcare hack would have to file their own breach notices with federal and state regulators. This original statement had apparently angered the staff of thousands of hospitals, clinics and doctors' offices who are still working through the damage caused by the attack. The new statement, sent by Melanie Fontes Rainer, director of HHS's Office for Civil Rights, says, "Affected covered entities that want Change Healthcare to provide breach notifications on their behalf should contact Change Healthcare. All of the required HIPAA breach notifications may be performed by Change Healthcare."

Thanks to today's episode sponsor, Conveyor. Conveyor, the market-leading AI software for answering security questionnaires and securely sharing your security documents, just released their Ultimate Guide to benchmarking your team's performance on customer security reviews. Get all of the detailed metrics and learn how best-in-class infosec teams measure and tie their impact to revenue. Download the report at www.conveyor.com by clicking on the banner at the top. That is c-o-n-v-e-y-o-r.com.

World's largest botnet taken down. The US Department of Justice said on Wednesday that it dismantled this largest botnet ever, consisting of 19 million infected devices. The botnet was leased to other threat actors and operated in 190 countries, which is pretty much every country in the world. It functioned as a residential proxy service known as 911 S5. A 35-year-old Chinese national was arrested in Singapore on May 24th, accused of being the botnet's admin from 2014 to July 2022.

Kaspersky releases free Linux malware scanner. Kaspersky has announced the release of this new virus removal tool for the Linux platform, named KVRT. This tool is a standalone scanner, as opposed to a real-time threat detector, and allows users to scan and remove malware and other known threats for free. As posted in BleepingComputer, "The security firm notes that despite the common misconception that Linux systems are intrinsically secure from threats, there has been a constant supply of in-the-wild examples that prove otherwise, most recently the XZ Utils backdoor."

Microsoft warns Windows 11 preview update causes taskbar crashes. This warning follows a May 2024 non-security preview update for Windows 11, which is causing issues for users such as the taskbar "temporarily glitching, not responding, disappearing and reappearing automatically." Microsoft has already addressed the taskbar crashes using the Known Issue Rollback.

More evidence of journalists and activists in Europe targeted with Pegasus. A new investigation carried out by the human rights organization Access Now, the Citizen Lab at the University of Toronto, and the independent researcher Nikolai Kvantaliani shows that the seven people, five journalists and two activists, who were targeted with Pegasus spyware between August 2020 and June 2023 were Russian, Belarusian, Latvian and Israeli. The authors of the report state "that this underscores the continuing threat that advanced spyware poses to writers and dissidents." They continue by urging all governments to place a moratorium on the sale and use of targeted digital surveillance technologies.

Anyone who's had to deal with compliance frameworks knows that they can be tricky, but how does an organization determine which framework will best build customer trust? That's what we will be discussing on our next episode of Super Cyber Friday, all about Hacking SOC 2 versus ISO 27001. We just published a preview video about the conversation over at CISOseries.com, so be sure to check it out and then head over to our events page to register to join us this Friday at 1 p.m. Eastern for the conversation. You can get involved in our chat, ask questions and even win some fun prizes.

I'm Steve Prentice, reporting for the CISO Series. Cyber Security Headlines are available every weekday. Head to CISOseries.com for the full stories behind the headlines.
