The latest industry news to your inbox.


I'd like to hear about marketing opportunities


I accept IQ Magazine's Terms and Conditions and Privacy Policy


Ticketfly back online, confirms 27m accounts compromised

All Ticketfly services are back to normal, with 27m accounts now known to have been compromised – albeit containing only 32% unique customer data

By Jon Chapple on 07 Jun 2018


image © Ananya Jain

After resuming limited service on Monday, all Ticketfly services are back online.

After consulting with “third-party forensic cybersecurity experts”, the US ticket seller has confirmed earlier reports that approximately 27 million accounts were accessed in last week’s cyberattack , although – crucially – no credit or debit card information was stolen. However, personal information, including names, addresses, email addresses and phone numbers, connected to the ~27m accounts was compromised.

“Upon first learning about this incident we took swift action to secure the data of our clients and fans,” says a spokesperson for the Eventbrite-owned company. “We take privacy and security very seriously and regret any disruption this has caused. We’re extremely grateful for the patience and support of the Ticketfly community.”

All account information, including passwords, were automatically reset following the attack.

Interestingly, Australian cybersecurity expert Troy Hunt, of haveibeenpwned.com, reveals more than two thirds of the compromised information was already in the site’s database – indicating it had been stolen previously in a hack of another website.

In the aftermath of the attack, several American promoters and venues were forced to postpone or migrate to another ticketing system last Friday’s onsales. A number of Ticketfly-powered websites were also downed along with Ticketfly.com.

The timing of the hack was especially sensitive, coming just a week after the implementation of the European General Data Protection Regulation (GDPR), which compels all companies – even those outside the EU, but which hold data on EU citizens – to ensure “an appropriate level of security” to protect data from theft or destruction.

The hacker, ‘IsHaKdZ’ – who claimed to have also obtained Ticketfly’s ‘backstage’ database, which is believed to contain client, rather than customer, information – has not yet resurfaced.


Get more stories like this in your inbox by signing up for IQ Index, IQ’s free email digest of essential live music industry news.

More news

Onsales pushed back as Ticketfly remains offline 24 hours after 'IsHaKdZ' downed Ticketfly.com, the ticketer continues to investigate the impact of the breach, which has left scores of US venues...without websites
Ticketfly resumes limited service Ticketfly restarts Backstage service but Ticketfly.com and the Ticketfly app remain offline after up to 26 million user accounts compromised
Ticketmaster customer info compromised after data ... Information compromised in the data breach could include names, addresses, email addresses, phone numbers and payment details
Andrew Dreskin joins Eventbrite board The Ticketfly/TicketWeb founder, who joined Eventbrite last year as president of music, is a "great addition" to its executive team, says CEO Julia...Hartz
“Unadvoidable” lay-offs after Eventbri... A quarter of Ticketfly employees have reportedly been let go following a "careful talent analysis" by new parent company Eventbrite