Over 500 million customers have been impacted by a significant Ticketmaster data breach after a cyber-attack targeted the website. Reports indicate that hackers have accessed customers’ names, phone numbers, and addresses globally, totaling 1.3 TB of stolen data. The group responsible, known as TheShinyHunters, is reportedly asking for a $500,000 ransom in exchange for the stolen database.
Key Takeaways
- Massive Data Compromise: Over 560 million TicketMaster customers’ personal information, including names, phone numbers, addresses, order histories, and partial payment data, was stolen and is being sold by the ShinyHunters hacking group.
- High Ransom Demand: The ShinyHunters are attempting to sell the 1.3 TB of stolen data for $500,000 on the dark web forum Breach Forums.
- Ongoing Investigations: The Australian Department of Home Affairs and the FBI are collaborating with Ticketmaster to investigate the breach, with suspicions that the attack may have involved accessing a cloud-hosting service called Snowflake.
- Security Concerns and Legal Context: This breach adds to Ticketmaster’s history of security issues and comes amid a legal challenge from the US Department of Justice and 29 states accusing Ticketmaster of monopolizing ticket sales and suppressing competition.
Massive Data Breach by ShinyHunters Exposes Over 560 Million TicketMaster Customers
Yet another breach has been announced by a hacking group. A hacker group known as ShinyHunters has taken responsibility for a data theft incident that compromised the personal information of over 560 million TicketMaster customers. This group is allegedly selling this 1.3 TB of data on a well-known hacking forum, Breach Forum. The hacking incident and resulting data leak occurred alongside the relaunch of BreachForums. This dark website facilitates the buying and selling stolen materials and information that can be used to conduct hacks.
The group is trying to sell the data for a one-time fee of $500,000 (£400,000) to any interested buyer. If you’ve ever used Ticketmaster, the following details could currently be at risk of being sold to malicious entities by the ShinyHunters:
- Name
- Phone number
- Address
- Order history and purchase specifics
- Email address
- Partial payment data, including the last four digits of your credit card number and the card’s expiration date
With such data, hackers have ample opportunity to cause significant problems. Given the large number of affected individuals—over 500 million—a skilled hacker has numerous potential targets for extracting payment information and possibly accessing bank accounts.
This data breach might be the largest in terms of the sheer volume of affected individuals and the extensive data compromised. The Australian Department of Home Affairs reportedly collaborates with Ticketmaster to investigate the breach. Additionally, the FBI is said to have offered its help to Australian officials.
The specifics of how ShinyHunters executed its attack remain unknown. However, there are indications that the attacks may have targeted a cloud-hosting service known as Snowflake, which led to this major leak.
However, denying the news, Snowflake reported in its blog update that there is no indication the incident was due to any vulnerabilities, misconfigurations, or security breaches of its platform. Nevertheless, they did verify that a threat actor gained access to demo accounts using the credentials of a former employee. These accounts contained no sensitive data.
Ticketmaster has previously faced similar issues with online security breaches, including bad actors using bots to manipulate ticket sales and purchase tickets for resale. In 2021, Ticketmaster faced a $10 million fine for illegally accessing data from Songkick, a competitor. Employees of Ticketmaster had obtained login details and accessed SongKick’s computer systems without authorization. The ticketing company reported last January that cyber-attacks driven by bots disrupted sales for Taylor Swift concerts.
Talking about the hacking group, it’s not their first attack; ShinyHunters was responsible for a 2020 data breach at Mashable. They accessed a database linked to a defunct feature that enabled users to log into Mashable with their social media accounts. The breach compromised data such as email addresses but did not include passwords or financial information.
ShinyHunters also claims to have contacted Ticketmaster regarding the breach but says they have not received a response.
This announcement is part of a broader context where Ticketmaster is facing a legal challenge from the US Department of Justice and 29 states, accusing it of monopolizing ticket sales and suppressing competition.
Steps to Take If You’re Worried About the Ticketmaster Data Breach
Organizations that manage personal information must adhere to strict legal standards to prevent unauthorized access to this data.
If you’re a Ticketmaster customer and have been alerted that your data may have been compromised, it’s crucial to understand your rights. Also, if you suspect your data might be at risk and Ticketmaster hasn’t contacted you, you should contact them immediately to address your concerns.
The incident with Ticketmaster demonstrates the risks associated with data breaches, including the possibility of your information being sold on the dark web or used maliciously. It’s vital to remain vigilant for signs of phishing attempts designed to steal more personal information.
To protect yourself, there are several proactive steps you can undertake, including:
- Please be sure to monitor any credit card accounts linked to Ticketmaster for unusual activity, as these accounts are at a higher risk of being compromised. Also, keep an eye out for any unauthorized transactions. For added security, you might want to request a new credit card number from your issuer.
- It’s important to update your Ticketmaster account settings by changing the password and enabling two-factor authentication. Additionally, it’s a good idea to set up two-factor authentication for your email account in order to protect your Ticketmaster account and other personal information from scammers.
- You should also think about enrolling in continuous credit monitoring. This type of service will notify you immediately if there are any attempts to open new accounts in your name. For example, WalletHub provides free around-the-clock monitoring of your TransUnion credit report.
- Keep an eye on your tickets for upcoming events. Tickets can be quite valuable and are frequently resold online. Check your Ticketmaster account and email for any unexpected ticket transfer notifications.
- Avoid unsolicited requests for personal information. Unexpected phone calls and emails asking for your personal data may increase. Remember, don’t provide any information if you didn’t initiate the contact.
- Choose to freeze your credit rather than setting a fraud alert. Freezing your credit reports with Equifax, Experian, and TransUnion prevents fraudulent borrowing. A freeze restricts access to your credit reports, stopping new loans or credit lines from being opened in your name. In contrast, a fraud alert provides less protection.
About TicketMaster
Image source
Ticketmaster is a leading ticket distribution company in the United States, specializing in selling tickets for a wide range of live entertainment events, including sports, concerts, family shows, theater, and more. The company operates on a large scale, selling tickets through about 3,300 retail outlets worldwide, 19 telephone call centers, and its website, ticketmaster.com. It serves over 10,000 clients, including venues, artists, and promoters.
In addition to its main operations, Ticketmaster manages TicketWeb, a site that caters to independent venues, and ReserveAmerica, which handles campsite reservations in North America. It also operates several regional ticketing service companies. Ticketmaster is a subsidiary of IAC/InterActiveCorp, owned by media entrepreneur Barry Diller.
Conclusion
The Ticketmaster data breach has affected over 560 million users, exposing personal information and posing significant security risks. The hacking group ShinyHunters is attempting to sell the stolen data, including sensitive customer details, for $500,000. Investigations by the Australian Department of Home Affairs and the FBI are ongoing, highlighting the need for strong cybersecurity measures.
Ticketmaster’s history of security issues and legal challenges further emphasizes the importance of safeguarding customer data. Users should take proactive steps to protect their personal information and remain vigilant against potential data misuse.
