Ticketmaster, a subsidiary of Live Nation, has experienced a data breach that could potentially affect millions of customers.
On May 20, the company detected “unauthorised activity within a third-party cloud database environment containing company data (primarily from its Ticketmaster L.L.C. subsidiary).“ The third party mentioned is Snowflake, a prominent cloud company used by organisations to store, manage, and analyse large volumes of data.
Live Nation promptly initiated an investigation with industry-leading forensic investigators to find out what happened. The investigation revealed that a “criminal threat actor” purportedly attempted to sell Ticketmaster data on “the dark web.”
On May 28, Hackread reported that the hacking group calling themselves ShinyHunters had claimed responsibility for the cyberattack. They made this claim on the online forum BreachForums, a platform known for facilitating data breaches and the exchange of such compromised data. The hacker group said they have acquired the personal details of 560 million users, including names, addresses, credit card numbers, phone numbers, and payment details. The group is also seeking US$500,000 as a ransom.
Live Nation has not confirmed whether ShinyHunters is indeed the culprit. They have also stated that they are actively “working to mitigate risk to [their] users” and are collaborating with law enforcement officials. They further mentioned that, based on their investigation, the breach was unlikely to have “a material impact on our overall business operations or on our financial condition or results of operations.”
The Office of the Privacy Commissioner has stated that TicketMaster has not notified them of a breach affecting users in New Zealand. According to the Commissioner, organisations and businesses are legally obliged to immediately inform the Office and affected individuals if a privacy breach is likely to cause serious harm.
Meanwhile, Ticketmaster users can safeguard themselves by remaining vigilant against phishing attempts, regularly monitoring their accounts and credit cards for any suspicious activity, updating passwords to strong and unique alternatives, and enabling two-factor authentication (2FA) to strengthen their online security.