Ticketmaster acknowledge hackers stealing 560million customers’ data for ransom

Live Nation – the parent company of Ticketmaster – has acknowledged that it had suffered a data breach in connection to its user data.

According to a report by Hackread (via Billboard), the compromise in data was carried out by a well known hacker group called ShinyHunters, who claimed that they had stolen 1.3 terabytes of data from Ticketmaster.

Details obtained from the 560million customers include full names, addresses, email addresses, phone numbers, ticket sales and event details, order information, and partial payment card data. They have threatened to sell the data for $500,000 (£393,800).

The ticketing company previously urged its users to carry out checks due to the data breach.

Advertisement
A ticketmaster website is shown on a computer screen on November 18, 2022
A ticketmaster website is shown on a computer screen on November 18, 2022. CREDIT: Joe Raedle/Getty Images

Live Nation has now confirmed the matter in an SEC filing on Friday (May 31). According to the filing, the company identified unauthorized activity on the database on May 20 and proceeded to launch an investigation. They stated that they have notified and are cooperating with law enforcement.

In the filing, Ticketmaster said that the breach “has not had, and we do not believe it is reasonably likely to have, a material impact on our overall business operations or on our financial condition or results of operations.”

Recommended

As per Rolling Stone, a source with knowledge of the matter has shared that at the moment, there is no evidence of account credentials being compromised.

The filing also said that the breach occurred on “a third-party cloud database environment containing Company data” and not on Ticketmaster’s servers.

As confirmed to Rolling Stone by Ticketmaster, it was a database the company hosted through the cloud data company Snowflake. The filing did not provide any details on what may have caused the data breach.

Reports of the data breach come just days after the United Justice Department filed a sprawling antitrust lawsuit against Live Nation, and alleged that the ticket giant has taken abusive steps to remove competition in the United States.

Advertisement
In this photo illustration a Ticketmaster logo seen displayed on a smartphone. Credit: Mateusz Slodkowski/GETTY
In this photo illustration a Ticketmaster logo seen displayed on a smartphone. Credit: Mateusz Slodkowski/GETTY

Jake Moore, a Global Cybersecurity Advisor at cybersecurity firm ESET, told The Sun that he advises Ticketmaster customers to change their password on the site as soon as possible. He also urged users to keep an eye out for follow-up emails from the company asking for information.

“The amount of highly personal data in this extremely large breach makes this extra worrying for all those involved. Ticketmaster is choosing not to pay the ransom which is slowly becoming more common as aftermath clean-ups improve,” he said.

“As the sensitive information is now up for sale, those affected must remain extra careful, change their passwords and steer clear of follow-up emails, texts and calls claiming to be from companies and requesting information. High profile data breaches can have long-lasting effects on customers including identity theft and financial fraud.”

In other Ticketmaster news, in October last year the company announced a new plan to allow fans to contribute directly to the Music Venue Trust (MVT) to help support UK grassroots venues.