Ticketmaster recently reported a data breach affecting over 500 million users, attributing the issue to security weaknesses in Snowflake’s cloud database environment. Snowflake denies responsibility, suggesting that the breach resulted from credential stuffing attacks rather than vulnerabilities in their system. Third-party cybersecurity firms CrowdStrike and Mandiant supported Snowflake’s preliminary findings, indicating that the breach likely involved single-factor authentication and credentials obtained from previous malware incidents. While a compromised demo account was found, it did not contain or provide access to sensitive data, and it was not protected by multi-factor authentication.

Snowflake says it wasn't to blame for Ticketmaster breach — and its security pals agree TechRadar

In response to recent zero-day vulnerabilities and security threats, Google has mandated urgent updates for its Chrome browser. All users, including federal employees, are required to apply updates by June 6 to protect against critical exploits, such as memory issues and vulnerabilities in the Chromium Visuals and V8 Engine. U.S. government agencies have already updated their systems, with additional deadlines looming for other known exploits. Furthermore, users are cautioned against the potential risks of cookie theft through malicious plugins and the importance of verifying the authenticity of installed extensions. Despite concerns over ad blockers affected by the transition from Manifest V2 to V3, the security updates remain essential. If a system no longer supports Chrome updates, discontinuation of use is advised to avoid exploitation.

Google Chrome Deadline—72 Hours To Update Or Delete Your Browser Forbes

The Office of the National Coordinator for Health Information Technology (ONC) was created in 2004 by an executive order from President George W. Bush to develop a nationwide interoperable health IT infrastructure. In 2005, ONC awarded multimillion-dollar contracts to foster public-private collaboration and accelerate health IT adoption. The Federal Health IT Strategic Plan 2008-2012 aimed to transform the healthcare system by guiding federal agencies and stakeholders’ efforts. The 2009 HITECH Act bolstered health IT adoption, reduced costs, and empowered patients, while also legally establishing ONC. From 2010 onward, ONC launched various programs, certifications, and frameworks to support health IT implementation and interoperability, including the S&I Framework and the voluntary ONC Health IT Certification Program.

By 2011, a new strategic plan guided health IT adoption, and the 2014 Edition Final Rule introduced enhanced certification criteria. In 2014, ONC outlined a 10-year vision for interoperable health IT infrastructure, and by 2015, it released roadmaps to guide nationwide and federal IT initiatives, emphasizing standards and reducing information blocking. The 2016 21st Century Cures Act focused on interoperability and patient access to health information,

ONC - 20 Years ONC 20th Anniversary Commemoration

This research uncovers a significant data breach involving cloud storage provider Snowflake. A threat actor behind this breach revealed that they used stolen credentials to access a Snowflake employee's ServiceNow account, bypassing security measures and generating session tokens to exfiltrate a large amount of data. The breach, which impacted approximately 400 companies including customers of Ticketmaster and Santander Bank, has led to data being sold on cybercrime forums. Documents provided by the threat actor confirmed the extent of their access. The actor attempted to blackmail Snowflake for $20 million, but the company was unresponsive. Snowflake is investigating the breach, which was part of a broader pattern of identity-based cyberattacks. Hudson Rock continues to monitor and report on the developments of this case.

Snowflake, Cloud Storage Giant, Suffers Massive Breach: Hacker Confirms to Hudson Rock Access Through Infostealer Infection Hudson Rock