Skip to main content

TicketMaster hack sees personal data of 560M for sale [U: Snowflake statement]

Update: After reports that cloud storage provider Snowflake may have been compromised, the company said there is no evidence of this. Reading between the lines, the attack may have been made via Snowflake, but it appears to have been TicketMaster credentials that were compromised.

A TicketMaster hack has been confirmed by the company in an SEC security filing, stating that personal data of its users has been offered for sale on the dark web. The agency has not confirmed the scale of what appears to have been a massive breach …

The company’s filing is very light on details.

On May 20, 2024, Live Nation Entertainment, Inc. (the “Company” or “we”) identified unauthorized activity within a third-party cloud database environment containing Company data (primarily from its Ticketmaster L.L.C. subsidiary) and launched an investigation with industry-leading forensic investigators to understand what happened.

On May 27, 2024, a criminal threat actor offered what it alleged to be Company user data for sale via the dark web. We are working to mitigate risk to our users and the Company, and have notified and are cooperating with law enforcement. As appropriate, we are also notifying regulatory authorities and users with respect to unauthorized access to personal information.

Companies are legally required to report data breaches to the SEC within four days.

HackRead (via Engadget) says that the hackers claim to have obtained the personal data of 560 million users.

The notorious hacker group ShinyHunters has claimed to have breached the security of Ticketmaster-Live Nation, compromising the personal data of a whopping 560 million users. This massive 1.3 terabytes of data, is now being offered for sale on Breach Forums for a one-time sale for $500,000.

ShinyHunters has allegedly accessed a treasure trove of sensitive user information, including full names, addresses, email addresses, phone numbers, ticket sales and event details, order information, and partial payment card data. Specifically, the compromised payment data includes customer names, the last four digits of card numbers, expiration dates, and even customer fraud details.

If confirmed, this would put TicketMaster users at risk of identity theft and convincing phishing attacks, where real personal data is used to convince victims that the email is genuine.

It appears that ShinyHunters are trying to ransom the data to TicketMaster, but they say the company hasn’t responded to its contact attempts.

May really wasn’t a good month for TicketMaster: It’s the same month the Department of Justice sued the company for alleged monopolistic behavior in the live concert industry.

Photo by Roger Harris on Unsplash

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications