Ticketmaster breached — data of over 500 million users allegedly put up for sale online

News
By
published

Database appears to contain some pretty important information

Someone checking their credit card details online.
(Image credit: Pickawood / Unsplash)

Ticketmaster appears to have suffered a huge data breach, causing it to lose sensitive data on hundreds of millions of users.

A report from Hackreadclaims a group known as ShinyHunters published a 1.3TB database of compromised customer data, on the newly-reopened BreachForums criminal site

The database contained sensitive information on 560 million users, including payment data, but also containing people’s names, postal addresses, email addresses, phone numbers, ticket sales and event details, order information, and even partial payment card data, for sale. The partial payment card data includes cardholder names, the last four digits of the cards, expiration dates, and some customer fraud details.

Publicity stunt

The hacking group is asking for $500,000 in exchange for the database. 

Prior to offering the database for sale, ShinyHunters reached out to Ticketmaster-Live Nation in an extortion attempt, the group told Hackread - however the company allegedly did not respond to the group’s attempt to communicate. 

The timing of the leak is quite curious, given the recent relaunch of BreachForums, one of the most popular underground hacking forums in the world, just weeks after it was seized by the FBI, and one of its key administrators, alias Baphomet, allegedly arrested. 

The other key administrator was none other than ShinyHunters, a hacking collective who bragged about being out of the FBI’s reach in this case.

Following the shutdown of BreachForums, the same group said it would restart it, so today’s leak might very well be a publicity stunt to get hackers interested in the new forum. 

$500,000 might sound like a lot of money, but for hacking collectives with deeper pockets, it could be a worthy investment. Information found there could be used in different ways, including phishing attacks, identity theft, and more, which could rake in the buyers millions of dollars.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.