Time: 2024-07-02
Ticketmaster, the popular ticket-selling platform, has recently confirmed that a Data breach occurred in which hackers were able to steal sensitive information from customers. The breach included email addresses, phone numbers, and encrypted payment card details. The hacking group responsible for the breach, ShinyHunters, claimed to have stolen a massive 1.3TB of data, affecting approximately 560 million Ticketmaster users. Despite this claim, Ticketmaster has only notified ">1000" individuals, leaving the true scope of the hack somewhat unclear.
In response to the breach, Ticketmaster is now sending out notifications to customers who may have been affected. The company has stated that the breach impacted users who utilized Ticketmaster services in the United States, Canada, and Mexico. While Ticketmaster has not provided a detailed comment on the situation, they have mentioned that affected customers will be contacted either via email or through regular mail.
One of the troubling aspects of the breach is the theft of encrypted credit card information and other personal data. Ticketmaster has admitted that the hackers obtained certain sensitive information, including the last four digits and expiration dates of credit and debit cards. The group behind the breach, ShinyHunters, attempted to sell this stolen information for a substantial sum of $500,000.
An investigation into the breach has revealed that the cybercriminals targeted a cloud database hosted by a third-party data services provider. Ticketmaster has not disclosed the name of the cloud provider in question, but evidence suggests that it could be Snowflake, a company that offers data storage solutions to numerous major organizations. Security researchers have identified a hacking group known as UNC5537 as the likely perpetrators, exploiting weak password security to breach multiple organizations that used Snowflake.
In response to the breach, Ticketmaster has promised affected users 12 months of free credit monitoring. However, they have clarified that Ticketmaster accounts themselves were not compromised, meaning that users may not need to update their passwords. Despite this assurance, customers are advised to remain vigilant and monitor their financial accounts for any suspicious activity that may arise as a result of the breach.
Following the breach, a lawsuit was filed in Californias Central District Court by residents Cynthia Ryan and Rosalia Garcia against Ticketmaster and Live Nation. The lawsuit alleges that both companies failed to adequately safeguard customers' personal information, including sensitive details such as full names, addresses, and partial payment card data. The compromised information was reportedly listed for sale on the dark web for $500,000. Live Nation, the parent company of Ticketmaster, has initiated an investigation into the breach and is taking steps to address the situation.
Business
