Was Ticketmaster hacked? [UPDATE: Yes–and things might get worse.]
If things aren’t already bad for Ticketmaster (the DOJ antitrust lawsuit against parent company Live Nation, and a massive class action lawsuit), things just got worse. Maybe.
On Tuesday (May 29), a black hat hacker group called ShinyHunters claimed to have stolen data from Live Nation and Ticketmaster. They say they have personal data on 560 million users. The breach includes (allegedly) names, address, email addresses, phone numbers, what tickets were purphcased and partial credit card data (i.e. the last four digits of the card, expiration dates).
That amounts to 1.3 terabytes of data which is now for sale on Breach Forums for US$500,000.
In the past, ShinyHunters has attacked Microsoft, Wattpad, Pluto TV, and a dozen other companies, often with some success.
UPDATE: On Friday (May 31), we learned this:
“[Ticketmater] identified unauthorized activity within a third-party cloud database environment containing company data (primarily from its Ticketmaster L.L.C. subsidiary) and launched an investigation with industry-leading forensic investigators to understand what happened.”
The company identified a “criminal threat actor” who put the data up for sale on the dark web.
At the moment, Ticketmaster says that it will not have “a material impact on our overall business operations or on our financial condition or results of operations” and “we continue to evaluate the risks and our remediation efforts are ongoing.”
It’s also possible that this is just the tip of the iceberg because this attack seems to be linked to others against Snowflake, a cloud provider. In addition to providing cloud services for Ticketmaster, Santander, a banking company on the platform, was also hit. Adobe, Canva, and Mastercard are also clients.