Ticket reselling platform Ticket To Cash kept an unprotected database online, exposing sensitive information on hundreds of thousands of customers, experts have warned.
The database was discovered by cybersecurity researcher Jeremiah Fowler, who managed to get in touch with the company and get the database locked down, sharing the details withVPNMentor. Ticket To Cash is a resale service site, using a network of thousands of partner resale sites to help users sell their concert, sports, and other tickets quickly. According to Fowler, it kept a non-password-protected, non-encrypted database with 520,054 records, totaling 200 GB in size.
Read more…
Source: TechRadar News
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- American Airlines discloses data breach after employee email compromise
September 19, 2022
American Airlines has notified customers of a recent data breach after attackers compromised an undisclosed number of employee email accounts and gained access to sensitive personal information. In notification letters sent on Friday, September 16th, the airline explained that it has no evidence that the exposed data was misused. American Airlines discovered the breach on July 5th, ...
- New York ambulance service discloses data breach after ransomware attack
September 17, 2022
Empress EMS (Emergency Medical Services), a New York-based emergency response and ambulance service provider, has disclosed a data breach that exposed customer information. According to the notification, the company suffered a ransomware attack on July 14, 2022. An investigation into the incident revealed that the intruder had gained access to Empress EMS’ systems on May 26, 2022. ...
- Starbucks Singapore says customer data illegally accessed in data leak
September 16, 2022
Starbucks says personal data of some customers in Singapore has been compromised, including names, birthdates, and mobile numbers. While credit card details and passwords have not been leaked, it has advised customers to change their password. The US F&B chain sent email messages to multiple customers on Friday, notifying them that it had detected “unauthorised activity ...
- Uber security breach ‘looks bad’, potentially compromising all systems
September 15, 2022
Uber reportedly has suffered another massive security incident, which is likely more extensive than its 2016 data breach and potentially may have compromised its entire network. It also can result in access logs being deleted or altered. A hacker on Thursday was believed to have breached multiple internal systems, with administrative access to Uber’s cloud services ...
- Ransomware gang threatens 1m-plus medical record leak
September 14, 2022
Two recent ransomware attacks against healthcare systems indicate cybercriminals continue to put medical clinics and hospitals firmly in their crosshairs. Daixin Team has taken credit for a September 1 assault on Texas-based OakBend Medical Center, causing a shutdown of the organization’s communication and IT systems as well as exfiltrating internal data. The criminals claim to have stolen ...
- KeyBank: Hackers of third-party provider stole customer data
September 3, 2022
Hackers stole personal data including Social Security numbers, addresses and account numbers of home mortgage holders at KeyBank, the bank reports, in the breach of a third-party vendor that serves multiple corporate clients. The hackers obtained the information on July 5 after breaking into computers at the insurance services provider Overby-Seawell Company, according to a letter ...