Ticketmaster, a giant in the ticketing industry, is currently grappling with a significant data breach that has compromised the personal information of over 500 million customers. This latest blow to the company comes on the heels of an antitrust lawsuit filed by the U.S. Justice Department, aiming to dismantle what it sees as a monopoly held by Ticketmaster’s parent company, Live Nation Entertainment.
The hacker group ShinyHunters has claimed responsibility for the breach, which was initially reported by cybersecurity outlets such as Hackread and Cyber Daily. According to ShinyHunters, the stolen data includes the full names, addresses, phone numbers, email addresses, and order history of approximately 560 million Ticketmaster customers. Moreover, the breach also exposed partial payment data, including names, the last four digits of credit card numbers, and expiration dates. The hackers are reportedly selling the 1.3 terabyte data trove for $500,000 on a popular hacking forum.
This incident is particularly concerning due to the sensitive nature of the data involved. With over half a billion users affected, the potential for identity theft and financial fraud is substantial. Australia’s Home Affairs Department has confirmed a “cyber incident impacting Ticketmaster customers,” and Australian media were among the first to report on the breach.
Ticketmaster has a troubled history with both cybersecurity and fair business practices. In 2020, the company paid $10 million to rival ticketing firm SongKick after it was revealed that Ticketmaster employees had accessed competitors’ computers using stolen login credentials. Additionally, Ticketmaster has faced criticism for its handling of ticket scalping and bot attacks, which disrupt the ticket purchasing process for genuine fans.
ShinyHunters, the group behind the current breach, is notorious in the cybersecurity world. They previously targeted Mashable in 2020, accessing a database connected to a now-disabled feature that allowed users to log in with their social media accounts. Although this breach did not involve sensitive financial data, it highlighted the group’s capabilities and reach.
Despite the severity of the situation, Ticketmaster has yet to publicly comment on the breach or verify ShinyHunters’ claims. Mashable has reached out to the company for a statement but has not yet received a response. The exact method of the hack remains unclear, adding to the uncertainty and concern among affected customers.
