Ticketmaster hack affects 560 million users

30 May, 2024 17:03 / Updated 7 months ago
The ShinyHunters group has claimed responsibility for the breach, demanding $500,000 for the stolen data

An infamous hacking group known as ShinyHunters claims to have breached the security of US-based event ticketing giant Ticketmaster and obtained sensitive data of some 560 million users from around the world.

Earlier this week, the hackers shared a sample of the 1.3 terabyte trove on a popular hacking forum and have offered to sell the data for a one-time price of $500,000. The screenshots provided by the group show over a dozen different folders and files, each weighing dozens of gigabytes.

According to the group, the stolen data includes hashed credit card numbers, the last four digits of credit cards and their expiration dates, fraud details, customer names, addresses, phone numbers, and emails, as well as ticket sales, event information, and other order details.

ShinyHunters told Hackread that they have attempted to contact Ticketmaster but have yet to get a response.

While Ticketmaster has yet to comment on the hack, Australia’s Department of Home Affairs has confirmed that it is aware of the breach, stating that it is “working with Ticketmaster to understand the incident.” The BBC has also reported that the FBI is offering assistance in the case.

Meanwhile, Christopher Budd, the director of British cybersecurity firm Sophos, told Cyber Daily that it is too soon to make any definitive statements about the breach. 

“Right now, since we only have the attackers’ words to go on, it’s too early to make any firm statements about whether there was a breach and what, if any, data was stolen,” Budd told the outlet, noting that while there is supposedly new data in the dump, there also appears to be some older information.

“It could be a series of concatenated data. Regardless of whether the breach is legitimate, the attackers have been successful in drawing attention to a criminal forum that was recently taken down. As with many takedowns like this, we often see the sites rebooted, so organizations should never let their guard down,” Budd said.

According to CyberDaily, the group’s leader is also the administrator of the BreachForums community, where the latest Ticketmaster data was published and which has recently re-emerged after being seized by the FBI and international law enforcement agencies just weeks ago.

The ShinyHunters group previously made headlines when they stole and sold data from millions of users of Microsoft, Wishbone, and AT&T in 2022. Last year, they also stole the information of almost 200,000 Pizza Hut customers in Australia.