Fool me once, shame on you. Fool me twice, shame on me.

In June of 2018, Ticketmaster announced a data breach that potentially affected five percent of their entire customer database. This breach may have resulted in the theft of confidential data, including customer payment details and more. Ticketmaster’s website security was compromised by a malware-laden chatbot which they had installed on quite a few of the Ticketmaster websites worldwide. This is déjà vu all over again, as only a few months prior malware-laden chatbots brought breaches to Sears, Delta Airlines, and Best Buy. Think carefully about installing third-party web services and giving them access to your cloud infrastructure before your security operations center team has a chance to thoroughly audit their security and evaluate the risk of integrating their services with your own critical cloud infrastructure. The cyberattackers who compromised the chatbots on Ticketmaster may have collected names, emails, payment details, and other key login information.

On the other side of the world, Paris-based FastBooking, a firm that sells hotel booking software, was hit by an attack that may have impacted the data and customers of over 1,000 hotels across the world. To give you a sense of how big this breach could be, consider that in Japan, as reported so far, the FastBooking breach impacted over 380 Japan-based hotels; just one impacted Japanese hotel chain noted that the breach affected the information of an estimated 124,000 of their guests. In the case of the FastBooking breach, the attacker identified a vulnerability in an application hosted on the FastBooking server, which in turn was exploited to install malicious software.

As always, you are only as strong as your weakest cloud infrastructure link. Think carefully about all of your SaaS vendor services before integrating them with your cloud infrastructure. Proceed cautiously until your security operations center team has a chance to thoroughly audit their security and assess their risk as a potential vendor.

The use of CipherCloud’s award-winning cloud access security broker (CASB+) can help lock down your cloud applications and protect them against all of the common cloud threats. We can stop malware and attacker tools, and meet advanced persistent threats (APTs) head-on. To learn more, request a CASB+ trial to see how it can better fit your needs.
*** This is a Security Bloggers Network syndicated blog from CipherCloud CASB+ Platform | Enterprise Cloud Security authored by CipherCloud. Read the original post at: https://www.ciphercloud.com/blog/ticketmaster-and-fastbooking-hacked-lessons-learned