The cyber-attack on Ticketfly, which remains offline after more than four days, could have left more than 26 million customers’ data exposed.
Ticketfly, which Eventbrite bought from Pandora in a $200m deal last September, took its platform down last Thursday after apparently being infected by an attack and ransom demand from a hacker calling themselves Ishakdz. Initially a message saying “Your Security Down im (sic) Not Sorry” appeared on Ticketfly’s homepage.
The ticketing company confirmed that customers’ names, addresses, email addresses and phone numbers had been exposed and posted online after a ransom was reportedly not paid. The hacker is alleged to have demanded a single bitcoin ($7,500) to divulge the vulnerability that left Ticketfly open to attack.
However, credit card numbers and passwords were apparently not affected.
“Have I Been Pwned?” (POHNED), a website that tracks data breaches, says the hack affected more than 26 million user accounts.
“Due to a recent cyber incident, Ticketfly.com is offline,” a message on its site read. “We’ve engaged leading third-party forensic and cybersecurity experts to investigate and help us address the issue, and have done this with your security top of mind.”
In a company statement, Ticketfly advised venue owners and operators to communicate to customers that they should bring photo ID and, if possible, a printed version of their digital tickets to shows. If they were not the original purchaser, they should also bring the credit card used to buy the ticket, as well as a note from the buyer and their ID.
Despite this, many promoters and venues have been left in the lurch, with several deciding to make its events free.
The website currently says: “We’re working to bring ticketfly.com back up as soon as possible. In the meantime, we encourage you to keep checking in on your favorite venue/promoters’ websites, social media channels, or box offices. Shows are on and tickets are available online and onsite.”