Ticketmaster’s Data Breach May Have Put the Data of 560 Million Customers at Risk

• Ticketmaster revealed in a federal filing that it was hit by a data breach that compromised the personal data of its customers.
• A hacker group that goes by the name ShinyHunters' has claimed responsibility for the attack. According to an ad posted by the group on the dark web, the data of 560 million customers has been stolen.
• Ticketmaster is working with the Australian government and other law enforcement authorities to reduce the impact of this attack. Customers are already being notified.

On Friday (May 31), Ticketmaster claimed in a federal filing to the US Securities and Exchange Commission that it may have been hit by a data breach. The company first started noticing some unusual activity on its platform on May 20, but it wasn't until May 28 that it had some solid proof about the data breach.

Stolen data includes the names, addresses, phone numbers, and partial credit card numbers of those customers.

On May 28, a hacking group called ShinyHunters posted an advert on a dark web forum called BreachForums for the sale of the data of 560 million Ticketmaster customers.

The data, which is 1.3 terabytes in size, was priced at $500,000. This is the same amount the company has to pay in ransom if it wants to stop the sale of its customers' data to malicious third parties.

The number of customers affected in the breach has not been confirmed by Ticketmaster or Live Nation (owner of Ticketmaster). It's also well worth noting that there's a high chance the hacking group is exaggerating the numbers for increased ransom.

What Is Ticketmaster Doing Now to Fix the Situation?

Both Ticketmaster and the Australian government are working together on this matter. According to a statement given by a spokesperson of the US Embassy in Canberra, the FBI has also offered to help.

The company has also confirmed that it has started notifying customers about this breach and is taking steps to mitigate" risks. What exactly these steps are isn't public information yet.

However, we do know that the hack is not likely to have any material impact on the company's financial condition or day-to-day operations.

As for Ticketmaster customers, if you believe you might have been affected by the attack, be wary of all unknown emails, calls, and messages you get from now on. Also,

• Don't click on links you don't identify and don't download any files from unknown sources.
• Don't share confidential details such as your password or credit card details with anyone, even if they claim to be a Ticketmaster representative. The company would not ask for such details.

Interestingly, this isn't the first time that Ticketmaster has been hit by a cyberattack. For example, last November, it ran into a cyber issue that hindered its sales for Taylor Swift's Era's tour. Swifties' also sued Ticketmaster over the mismanagement and loss of money.

About ShinyHunters' Hacking Group

Since the investigation is still underway, it's hard to tell whether all of the claims made by ShinyHunters are true. However, it's important to note that it's a credible threat actor, plus it has been previously linked with many high-profile cases.

ShinyHunters' past victims include Microsoft, AT&T, Pizza Hut, and Home Chef, among other companies.

• In 2021, the group sold a database containing the information of 70 million AT&T customers on the dark web.
• Similarly, in September last year, Pizza Hut Australia was hit by a data breach that affected almost 200,000 users.

Some researchers believe that the above-mentioned attack on Ticketmaster might not be a standalone attack. Instead, it's part of something bigger, connected to a larger ongoing hack targeting Snowflake-a cloud service provider.

It's worth noting that many large firms use Snowflake to store their data. This means that if Snowflake is hacked, a huge number of people (the customers of so many companies) will be at risk as far as their cybersecurity is concerned.

The post Ticketmaster's Data Breach May Have Put the Data of 560 Million Customers at Risk appeared first on The Tech Report.