ShinyHunters Claims Responsibility for Data Breaches at Ticketmaster, BBC Data Breach Affects 25,000 Members: Your Cybersecurity News Roundup

Cybersecurity news on data breaches, ShinyHunters, Ticketmaster, BBC.

Hacking Group ShinyHunters Claims Responsibility for Data Breaches at Ticketmaster and Santander

Ticketmaster and Santander, two major companies, have been targeted in recent cyberattacks, with the hacking group ShinyHunters claiming responsibility. The group reportedly sells stolen data, including millions of customers’ names, addresses, phone numbers, and partial payment details.

The source of the breaches appears to be linked to cloud hosting provider Snowflake, where both companies stored their customer data. While Snowflake claims that only a “limited number” of accounts were compromised and denies any vulnerabilities in its systems, government authorities have issued warnings about the incident. The full extent of the breach is still unknown, but there are indications that other companies may also be affected.

Snowflake has notified its customers and urged them to review their account settings and implement multi-factor authentication. Security experts recommend that affected individuals remain vigilant about phishing attempts and monitor their accounts for any suspicious activity. The investigation is ongoing, and more details are expected to emerge as authorities continue to probe the incident.

BBC Confirms Data Breach Affecting 25,000 Members

The BBC recently confirmed a data breach affecting its pension scheme, exposing the personal information of over 25,000 current and former employees. The compromised data, including names, national insurance numbers, dates of birth, gender, and home addresses, was copied from a cloud-based storage service. The BBC says that sensitive financial data and passwords remain secure and that there is no evidence of misuse so far.

The breach has raised concerns about potential risks such as fraud, identity theft, and phishing attacks for the affected individuals. The BBC is actively investigating the incident, has implemented additional security measures, and is urging employees to be vigilant for suspicious communications. Although the broadcaster denies any connection to ransomware, the incident underscores the importance of safeguarding personal information and the ongoing threat of cyberattacks.

This breach follows a previous incident where the BBC was reportedly impacted by the MOVEit zero-day vulnerability, highlighting organisations’ persistent challenges in securing their digital infrastructure and protecting sensitive employee data.

Europol's Operation Endgame Dismantles Major Malware Networks, Arrests Key Suspect

Europol announced the successful takedown of infrastructure linked to several malware loader operations, including IcedID, SystemBC, PikaBot, SmokeLoader, Bumblebee, and TrickBot, in a coordinated effort called Operation Endgame. Between May 27 and May 29, 2024, authorities dismantled over 100 servers globally. They arrested four individuals—one in Armenia and three in Ukraine—following searches at 16 locations across Armenia, the Netherlands, Portugal, and Ukraine. The operation involved law enforcement agencies from multiple countries and resulted in the seizure of over 2,000 domains.

The targeted malware facilitated ransomware attacks and other malicious activities, posing significant risks, including compromising hospital critical care systems. Authorities used techniques such as “sinkholing” to disrupt botnets. One main suspect reportedly earned €69 million by renting infrastructure for ransomware deployment.

Operation Endgame, the largest-ever operation against botnets, showcased the power of international collaboration in cybercrime disruption, with participation from numerous cybersecurity firms and agencies across Europe and North America.