FilmBuff
06-01-24, 11:23 AM
If you've done business with Ticketmaster, your data is probably stolen.
Ticketmaster Hacked: Customer Data Stolen and Shopped on Dark Web by ‘Criminal Threat Actor,’ Live Nation Discloses (https://variety.com/2024/digital/news/ticketmaster-hack-customer-data-security-breach-live-nation-1236021996/)
https://variety.com/wp-content/uploads/2024/06/Ticketmaster.jpg?w=1000&h=667&crop=1
Three days after initial reports that a notorious hacking group had stolen info on more than 500 million Ticketmaster customers — and was attempting to sell the data online — parent company Live Nation Entertainment confirmed the breach in a regulatory filing late Friday.
On May 20, 2024, Live Nation “identified unauthorized activity within a third-party cloud database environment containing company data (primarily from its Ticketmaster L.L.C. subsidiary) and launched an investigation with industry-leading forensic investigators to understand what happened,” the company said in the May 31 SEC filing.
On May 27, 2024, a “criminal threat actor” offered what it alleged to be Ticketmaster user data “for sale via the dark web,” according to Live Nation’s disclosure.
A hacking group called ShinyHunters has claimed responsibility for stealing Ticketmaster data on 560 million customers. The 1.3-terabyte trove allegedly includes personal information on Ticketmaster users such as names, credit card numbers, emails, home addresses and phone numbers. The hackers offered to sell the stolen Ticketmaster data for $500,000, as first reported by Hackread and Australia’s CyberDaily.
The hack does not appear to have included passwords for Ticketmaster accounts but users should change their passwords as a precaution, according to Emsisoft cybersecurity analyst Brett Callow (via the New York Times).
“We are working to mitigate risk to our users and the company, and have notified and are cooperating with law enforcement,” Live Nation said in the filing. “As appropriate, we are also notifying regulatory authorities and users with respect to unauthorized access to personal information.”
Ticketmaster and Live Nation have not responded to Variety‘s requests for comment about the hacking incident.
According to the Justice Department, the ShinyHunters group posted sales of hacked data from more than 60 companies between April 2020 and July 2021. Sometimes ShinyHunters threatened “to leak or sell stolen sensitive files if the victim did not pay a ransom,” per the DOJ. In January 2024, a federal court in Seattle sentenced a 22-year-old French citizen — who was allegedly affiliated with ShinyHunters — to three years in prison and ordered him to pay more than $5 million in restitution for conspiracy to commit wire fraud and aggravated identity theft, the Justice Department said.
Ticketmaster Hacked: Customer Data Stolen and Shopped on Dark Web by ‘Criminal Threat Actor,’ Live Nation Discloses (https://variety.com/2024/digital/news/ticketmaster-hack-customer-data-security-breach-live-nation-1236021996/)
https://variety.com/wp-content/uploads/2024/06/Ticketmaster.jpg?w=1000&h=667&crop=1
Three days after initial reports that a notorious hacking group had stolen info on more than 500 million Ticketmaster customers — and was attempting to sell the data online — parent company Live Nation Entertainment confirmed the breach in a regulatory filing late Friday.
On May 20, 2024, Live Nation “identified unauthorized activity within a third-party cloud database environment containing company data (primarily from its Ticketmaster L.L.C. subsidiary) and launched an investigation with industry-leading forensic investigators to understand what happened,” the company said in the May 31 SEC filing.
On May 27, 2024, a “criminal threat actor” offered what it alleged to be Ticketmaster user data “for sale via the dark web,” according to Live Nation’s disclosure.
A hacking group called ShinyHunters has claimed responsibility for stealing Ticketmaster data on 560 million customers. The 1.3-terabyte trove allegedly includes personal information on Ticketmaster users such as names, credit card numbers, emails, home addresses and phone numbers. The hackers offered to sell the stolen Ticketmaster data for $500,000, as first reported by Hackread and Australia’s CyberDaily.
The hack does not appear to have included passwords for Ticketmaster accounts but users should change their passwords as a precaution, according to Emsisoft cybersecurity analyst Brett Callow (via the New York Times).
“We are working to mitigate risk to our users and the company, and have notified and are cooperating with law enforcement,” Live Nation said in the filing. “As appropriate, we are also notifying regulatory authorities and users with respect to unauthorized access to personal information.”
Ticketmaster and Live Nation have not responded to Variety‘s requests for comment about the hacking incident.
According to the Justice Department, the ShinyHunters group posted sales of hacked data from more than 60 companies between April 2020 and July 2021. Sometimes ShinyHunters threatened “to leak or sell stolen sensitive files if the victim did not pay a ransom,” per the DOJ. In January 2024, a federal court in Seattle sentenced a 22-year-old French citizen — who was allegedly affiliated with ShinyHunters — to three years in prison and ordered him to pay more than $5 million in restitution for conspiracy to commit wire fraud and aggravated identity theft, the Justice Department said.