Los Angeles, California – A class action lawsuit brought by a California resident against Snowflake, Inc., asserts that the cloud-service provider’s security gaps enabled hackers to steal personal data from Ticketmaster, leading to significant financial and personal risks for over half a billion consumers globally.
Snowflake, known for its cloud-based storage solutions which service various corporate giants, is now under intense scrutiny following revelations that it was the compromised system—not its client Ticketmaster’s servers. Members of the hacker group “ShinyHunters” reportedly accessed and plan to sell 1.3 terabytes of sensitive Ticketmaster customer data, including emails, home addresses, and financial information, potentially for $500,000.
The lawsuit was initiated by Madalena Bowers in the U.S. District Court for the District of Montana last week. Bowers is pressing for class action status to represent all victims of Snowflake’s data breaches, which have also purportedly affected other companies, including Advanced Auto Parts and the Australian ticket service, Ticketek.
Legal documents indicate that the unauthorized access attributed to lapses in Snowflake’s security protocols led to detrimental exposure of consumer’s private information, thereby spiking risks of financial loss and identity theft globally.
Ticketmaster and its parent company Live Nation acknowledged in June that a significant breach had occurred, first raising alarm about the extent of data security and potential misuse of customer information. While most initial legal actions targeted these companies directly, focus has shifted towards Snowswift as further investigations suggested it was their platform that had been infiltrated.
This isn’t an isolated episode in the tech industry, as indicated by similar breaches involving other high-profile Snowflake clients. In another notable incident, telecommunications powerhouse AT&T suffered a database infringement that compromised over 70 million customer records, which was also reportedly tied to the ShinyHunters group. Although the breach was believed to have occurred in 2021, AT&T confirmed the incident only several months later, causing extensive concern among its customers.
The growing number of lawsuits, including several against AT&T, marks a turbulent period for data security and is prompting urgent calls for enhanced protective measures across industries utilizing cloud storage. This shift underscores a critical examination of how sensitive data is handled and the subsequent implications for consumer trust and corporate accountability.
Consumer advocates and cybersecurity experts are urging for stronger regulations and prompt notification practices after a data breach, which could help mitigate the risk of identity theft and financial fraud that affects millions of unsuspecting individuals. They argue that transparency is key not only for consumer protection but also for maintaining the integrity and credibility of corporations in the increasingly digital age.
As the lawsuit against Snowflake progresses, it is clear that the broader consequences of such security failures could redefine client-service provider dynamics within the tech industry, potentially leading to more stringent security requirements and compliance measures to safeguard consumer data.