image source, Getty Images
Ticketmaster owner Live Nation confirmed “unauthorized activity” on its database after a group of hackers said they had stolen the personal data of 560 million customers.
ShinyHunters, the group claiming responsibility, says the data stolen includes names, addresses, phone numbers and partial credit card details from Ticketmaster users around the world.
In a filing with the US Securities and Exchange Commission, Live Nation said that on May 27 “a criminal threat actor offered the company’s user data for sale via the dark web” and that it was investigating.
The number of customers affected by the data breach has not been confirmed by Live Nation.
The Australian government said it is working with Ticketmaster to address the issue. The FBI has also provided assistance, a spokesman for the US Embassy in Canberra told Agence France-Presse.
An FBI spokesman told the BBC it had “no comment on this matter”.
In its filing, Live Nation said it was working to “mitigate the risk” to its customers and was notifying users of unauthorized access to their personal information.
“As of the date of this filing, the incident has not had, and we do not believe is reasonably likely to have, a material impact on our overall business operations or our financial condition or results of operations. We continue to evaluate risks and efforts our corrections are ongoing”, he added.
It was confirmed that Australia’s National Cyber Security Office is working with Ticketmaster to “understand the incident”.
American website Ticketmaster is one of the largest online ticketing platforms in the world.
An ad with several samples of data allegedly taken in the breach has been posted on the website BreachForums – a newly launched hacking forum on the dark web where other hackers buy and sell stolen material and information to enable of hackers.
ShinyHunters has been linked to a number of high-profile data breaches resulting in millions of dollars in losses for the companies involved.
In 2021, the group sold a real database of information stolen from 70 million customers of the American telecommunications firm AT&T.
In September last year, almost 200,000 Pizza Hut customers in Australia had their data breached.
The FBI raided the domain in March 2023, arresting its administrator Conor Brian Fitzpatrick, but he has resurfaced, according to tech media.
Users of hacking forums often inflate the extent of their hacking to get attention from other hackers.
They are often where stolen databases first appear, but they can also present false claims and claims.
Individuals claiming large data sets in the past have proven to be duplicates of previous hacks rather than newly stolen information.
If the data hack is as big as ShinyHunters claims, the hack could be the most significant breach ever in terms of numbers and scope of data stolen.
This isn’t the first time Ticketmaster has been hit with security issues.
In 2020, it admitted to hacking one of its competitors and agreed to pay a $10 million fine.
In November it was allegedly hit by a cyber attack that led to problems selling tickets for the Taylor Swift Era tour.
Earlier this month, US regulators sued Live Nation accusing the entertainment giant of using illegal tactics to maintain a monopoly over the live music industry.
The lawsuit by the Justice Department said the firm’s practices had kept out competitors and led to higher ticket prices and worse customer service.
What to do if you’re worried you’ve been infected
Experts say it’s important not to panic, but to be vigilant if you think you might be a victim.
Beware of fake emails, texts and phone calls – hackers can sometimes use the details they have to trick victims into revealing more information.
In some cases scammers may try to exploit the fear caused by the hack as a way to convince you to share information.
Be especially suspicious of:
- official messages about “resetting passwords”, “getting compensation”, “scanning devices” or “missed shipments”
- emails full of “tech speak”, designed to sound more convincing
- being prompted to act immediately or within a limited time frame
In 2018, when a hack compromised some Ticketmaster customer information, UK officials also suggested users keep an eye on their financial accounts for suspicious activity. They also advised changing the password for Ticketmaster and any other site that uses the same password.
