Massive Ticketmaster data breach: information of 560 Million customers for sale

The alleged data is being sold on the hacking forums for $500,000

In a significant cybersecurity incident, the personal and financial data of 560 million Ticketmaster customers is allegedly being sold by a hacker group known as ShinyHunters. This information is purportedly available on the revived BreachForums hacking site for $500,000.

The stolen databases, originally listed on the Russian forum Exploit, reportedly include 1.3TB of data.^[1] This encompasses customers' names, addresses, phone numbers, ticket orders, event information, and even partial credit card details.

The group claims to have accessed Ticketmaster’s data through the company’s AWS instances, possibly by exploiting a managed service provider. ShinyHunters has indicated interest from potential buyers, including Ticketmaster itself.

However, Ticketmaster has not confirmed the breach or responded to multiple inquiries. The FBI also declined to comment on whether they are investigating these claims.^[2]

Various sensitive data, like full names and home addresses, have been allegedly compromised

The data allegedly stolen by ShinyHunters includes a wide range of sensitive information. Customers' full names, home and email addresses, and phone numbers are among the personal details reportedly compromised. The databases also contain extensive order and event information, detailing ticket purchases and associated transactions.^[3]

Of particular concern is the exposure of financial data. The breach includes hashed credit card numbers, the last four digits of these card numbers, credit card types, authentication details, and expiration dates. These details span financial transactions from 2012 to 2024,^[4] posing a significant risk for fraudulent activities.

Cybersecurity experts warn that the combination of personal and financial data could be used for various scams, making it crucial for affected individuals to monitor their accounts closely.

Stolen customer information can be misused in various ways

The potential exposure of data from 560 million accounts is alarming. ShinyHunters, known for previous high-profile breaches, asserts they have customer data including email addresses, names, and partial credit card information.

Cybersecurity experts, however, advise caution as the legitimacy of these claims has yet to be verified. Some previous hacker claims have been inflated or false. If the breach is confirmed, it would be one of the largest in history, given the volume and nature of the data allegedly compromised.

For Ticketmaster users, it is essential to remain vigilant. Users should avoid clicking on unsolicited links and verify ticket offers directly through Ticketmaster's official channels.

Changing account passwords and monitoring financial statements for unusual activity is also recommended. Implementing fraud alerts or credit freezes can provide an extra layer of security against potential identity theft. With authorities in Australia and the FBI investigating, Ticketmaster’s response will be crucial in mitigating the impact on its customers.

Ticketmaster data breaches: this is not the first time

This alleged breach is not Ticketmaster’s first encounter with cybersecurity issues. Four years ago, the company faced a $10 million fine for illegally accessing a competitor's systems.

In 2018, Ticketmaster experienced another breach affecting 5% of its customer base due to compromised login and payment details via a third-party vendor, which later resulted in a £1.25 million ($1.6 million) fine by GDPR.^[5]

Additionally, Ticketmaster’s parent company, Live Nation Entertainment, is currently embroiled in legal battles. They are being sued by a coalition of attorneys general for monopolistic practices and face a proposed class action from customers affected by the recent alleged breach.

Ticketmaster processes over 500 million tickets annually and holds a dominant position in the U.S. ticketing industry. This makes the security of their customer data crucial. Past breaches and current allegations highlight ongoing vulnerabilities that need addressing to protect consumer information effectively.