Hundreds of millions of customers may be affected by the May breach
Ticketmaster has confirmed it has suffered from a security breach that may affect 560 million customers. In May, HackRead reported that ShinyHunters had illegally acquired 1.3 TB of data, including full names, addresses, email addresses, phone numbers, ticket sales and event details, order information, and partial payment card data, including the last four digits of credit card numbers, expiration dates, and customer fraud details.
The group, known for its high-profile data breaches, listed the data on Breach Forums, which it controls, for a one-time fee of $500,000. Breach Forums was seized by the FBI in May, but the hackers regained control, proving their unmatched skill sets. The well-known hacker group says it’s attempted to contact Ticketmaster about the breach, but the Live Nation-owned company hadn’t responded at the time of the report. It’s still unclear if they ever did, but Ticketmaster has publicly addressed the situation in an email to potentially affected customers.
“Ticketmaster recently discovered that an unauthorized third party obtained information from a cloud database hosted by a third-party data services provider,” the email reads. “Based on our investigation, we determined that the unauthorized activity occurred between April 2, 2024, and May 18, 2024. On May 23, 2024, we determined that some of your personal information may have been affected by the incident. We have not seen any additional unauthorized activity in the cloud database since we began our investigation.”
Customers’ names, basic contact information, encrypted credit or debit card numbers, and expiration dates may have been obtained illegally.
“We have been diligently investigating this incident with the assistance of outside experts,” the company writes. “We have also contacted and are cooperating with federal law enforcement authorities, and this notice has not been delayed due to law enforcement investigation. We have additionally taken a number of technical and administrative steps to further enhance the security of our systems and customer data. These measures include rotating passwords for all accounts associated with the affected cloud database, reviewing access permissions, and increased alerting mechanisms deployed in the environment…We are fully committed to protecting your information, and deeply regret that this incident occurred.”
The company assures Ticketmaster accounts were not affected by the breach. However, they recommend being “mindful of phishing attempts such as emails from unknown senders or those that contain unusual content” or “being asked to provide personal information over the phone.”
The global ticketing giant has had cybersecurity issues before, including tickets for Taylor’s Swift billion dollar-grossing Eras Tour being disrupted by a bot-drive attack last year. The company was also found guilty of hacking into rival Songkick to obtain confidential information in 2021, leading to a $10 million settlement to Songkick.
In May, the US Justice Department, along with 30 state and district attorneys general, filed a civil antitrust lawsuit against Live Nation Entertainment Inc. and its wholly-owned subsidiary, Ticketmaster LLC (Live Nation-Ticketmaster) for monopolization and other unlawful conduct that thwarts competition in markets across the live entertainment industry. The lawsuit, which includes a request for structural relief, seeks to restore competition in the live concert industry, provide better choices at lower prices for fans, and open venue doors for working musicians and other performance artists.
In November 2022, US Senator Amy Klobuchar wrote a letter to Ticketmaster expressing concern about the lack of competition in the ticketing industry and questioning whether the company is taking the necessary steps to provide the best service it can to consumers.