x

The latest industry news to your inbox.

    

I'd like to hear about marketing opportunities

    

I accept IQ Magazine's Terms and Conditions and Privacy Policy

news

Ticketfly back online, confirms 27m accounts compromised

All Ticketfly services are back to normal, with 27m accounts now known to have been compromised – albeit containing only 32% unique customer data

By Jon Chapple on 07 Jun 2018

Hack

image © Ananya Jain

After resuming limited service on Monday, all Ticketfly services are back online.

After consulting with “third-party forensic cybersecurity experts”, the US ticket seller has confirmed earlier reports that approximately 27 million accounts were accessed in last week’s cyberattack , although – crucially – no credit or debit card information was stolen. However, personal information, including names, addresses, email addresses and phone numbers, connected to the ~27m accounts was compromised.

“Upon first learning about this incident we took swift action to secure the data of our clients and fans,” says a spokesperson for the Eventbrite-owned company. “We take privacy and security very seriously and regret any disruption this has caused. We’re extremely grateful for the patience and support of the Ticketfly community.”

All account information, including passwords, were automatically reset following the attack.

Interestingly, Australian cybersecurity expert Troy Hunt, of haveibeenpwned.com, reveals more than two thirds of the compromised information was already in the site’s database – indicating it had been stolen previously in a hack of another website.

In the aftermath of the attack, several American promoters and venues were forced to postpone or migrate to another ticketing system last Friday’s onsales. A number of Ticketfly-powered websites were also downed along with Ticketfly.com.

The timing of the hack was especially sensitive, coming just a week after the implementation of the European General Data Protection Regulation (GDPR), which compels all companies – even those outside the EU, but which hold data on EU citizens – to ensure “an appropriate level of security” to protect data from theft or destruction.

The hacker, ‘IsHaKdZ’ – who claimed to have also obtained Ticketfly’s ‘backstage’ database, which is believed to contain client, rather than customer, information – has not yet resurfaced.

 


Get more stories like this in your inbox by signing up for IQ Index, IQ’s free email digest of essential live music industry news.

More news

Onsales pushed back as Ticketfly remains offline 24 hours after 'IsHaKdZ' downed Ticketfly.com, the ticketer continues to investigate the impact of the breach, which has left scores of US venues...without websites
Ticketfly resumes limited service Ticketfly restarts Backstage service but Ticketfly.com and the Ticketfly app remain offline after up to 26 million user accounts compromised
Ticketmaster customer info compromised after data ... Information compromised in the data breach could include names, addresses, email addresses, phone numbers and payment details
Eventbrite grows revenue, profit and sales in firs... The newly public ticketing company reported YoY growth of over 45% in Q3 2018, though its share price took a hit after missing Wall Street earnings...expectations
Estée Lauder heiress Jane Lauder joins Eventbrite Clinique global brand president Lauder has been appointed to Eventbrite's ten-strong board of directors