Ticketmaster confirms a massive hack: this is what you need to know

Ticketmaster has confirmed that a significant data breach has occurred—it was reported last week that over 500 million users were affected. This is like the entire population of North America (Mexico, United States, and Canada).

Live Nation, the entertainment giant that owns Ticketmaster, has confirmed the existence of “unauthorized activity” on its platform, in a leak carried out by the well-known hacker group ShinyHunters.

The group demands a one-time payment of $500,000 for the acquired data, which includes names, email addresses, order history, phone numbers, and some financial details such as partial credit card numbers and card expiration dates.

Ticketmaster has been hit by a cyber attack which has allegedly compromised the data of 560 MILLION customers (names, numbers, card details, etc)

Hackers are reportedly demanding $500,000 in exchange for keeping the stolen data sealed or are offering to sell it on the dark web. pic.twitter.com/XmkqFv7U7V

— Pop Base (@PopBase) June 1, 2024

What do we know from Live Nation?

In a statement to the US Securities and Exchange Commission, Live Nation states that the leak occurred on May 20th, and also confirms that “a criminal actor offered for sale through the dark web what supposedly was user data from the company” on May 27th.

Until now, Live Nation had not made any comments about the leak. Ticketmaster did not confirm the leak, but informed shareholders on May 31st.

What’s happening now with Ticketmaster?

Live Nation wrote in its statement that the company is working to mitigate risks for users and the company itself, cooperating with security forces in the process.

Live Nation said it is “assessing the risks” associated with the breach, and does not believe that the incident will have a material impact on its business and operations at the time of the presentation.

Last week, the Australian government confirmed that it is assisting Ticketmaster in resolving the issue, while US authorities are speaking with Ticketmaster to understand the matter.

The stolen data was hosted on Snowflake, a cloud storage and analytics company that issued its own statement yesterday addressing “an increase in cyber threat activity.”

The company also stated that it is conducting an investigation and has “promptly notified the limited number of customers” believed to have been affected by the hackers.

As reported by the BBC, the magnitude of this attack is one of the largest in history, if the figures published by ShinyHunters are correct.

Ticketmaster is currently fighting an antitrust lawsuit filed by the US Department of Justice, which claims that its parent company Live Nation relies on “illegal and anticompetitive conduct to exert its monopolistic control over the live events industry in the United States.”

Update

Snowflake has sent us the following comment:

“We have not identified any evidence to suggest that a vulnerability, a misconfiguration, or a breach of the Snowflake platform caused this activity.“