Looking into Asian opportunities? Join us at our 3rd annual TheTicketingBusiness ASIA 2024 in Hong Kong [14-15-16 October]
Our global meeting returns to Manchester 28-29-30 April 2025 - Register for your #TBF25 Super Earlybird rate here

Technology

Ticketmaster ‘hack’ may have taken place weeks ago

Image by Franz Bachinger from Pixabay

Ticketmaster has still to respond publicly to a hacking group’s claims that it has stolen the personal data of more than half a billion customers, as new details emerged about the alleged cyberattack.

As reported on Wednesday, hacking group ShinyHunters claims to be selling 1.3 terabytes of Ticketmaster customer data for $500,000 on a community called Breach Forums. ShinyHunters says it has obtained 560 million Ticketmaster customers’ personal and financial information.

Ticketmaster has not issued communication via its channels either to customers or the media since the allegations came to light on Wednesday. It has also not responded to a request for comment from TheTicketingBusiness.com.

Australia’s National Office of Cyber Security says it is engaging with Ticketmaster regarding the incident. The AFP news agency reported that the US’s FBI has offered assistance to Australian authorities.

Ticketmaster hack may have taken place weeks ago

In an update on Thursday, online platform VX-Underground claims that the hack took place in April and was carried out by an unidentified ‘threat group’. Such a group would be defined as one taking part in an action that is intended to cause harm to the cyber realm.

In an X post, VX-Underground – described as the largest collection of malware source code, samples, and papers on the internet – further adds that ShinyHunters did not carry out the attack itself but is acting as a proxy for the threat group responsible.

VX-Underground claims to have garnered its information from multiple individuals privy to and involved in the alleged Ticketmaster breach. The data it has seen, it said, appears to confirm ShinyHunters’ claims that it is offering customer names, addresses, credit card numbers and authentication type.

VX-Underground added: “Based on data provided to us by the Threat Group responsible for the compromise, we can assert with a high degree of confidence the data is legitimate. Date ranges in the database appear to go as far back as 2011.

“The data provided to us, even as a ‘sample’, was absurdly large and made it difficult to review in depth. We are unable to verify the authenticity of financial information. Briefly skimming the PII present in the dump, it appears authentic.”

Posted in TechnologyTagged