Sign up for IQ Index
The latest industry news to your inbox.
Hackers are allegedly demanding $500,000 for the stolen personal details of 560 million Ticketmaster customers
By James Hanley on 30 May 2024
Australia’s department of home affairs is investigating the alleged theft of the personal details of 560 million Ticketmaster customers by hackers.
The notorious ShinyHunters hacking group is reportedly demanding a US$500,000 (€462,000) ransom payment for the 1.3 TB of stolen data, which is said to include partial credit card details, customer names, addresses and emails.
A department of home affairs spokesperson says it is “working with Ticketmaster to understand the incident”, while the FBI has offered assistance to Australian authorities.
VX-Underground, which describes itself as the largest collection of malware source code, samples and papers on the internet, claims the hack was carried out in April.
Citing “multiple individuals privy to and involved in the alleged Ticketmaster breach”, it tweets: “An unidentified Threat Group was able to get access to Ticketmaster AWS instances by pivoting from a Managed Service Provider.
“We can assert with a high degree of confidence the data is legitimate”
“The Ticketmaster breach was not performed by ShinyHunters group. ShinyHunters is the individual and/or group which posted the auction of the data, they are acting as a proxy for the threat group responsible for the compromise.
“Based on data provided to us by the threat group responsible for the compromise, we can assert with a high degree of confidence the data is legitimate. Date ranges in the database appear to go as far back as 2011. However, some dates show information from the mid-2000s.”
It adds: “The data provided to us, even as a ‘sample’, was absurdly large and made it difficult to review in depth.”
Security researcher Kevin Beaumont tells the BBC: “If Ticketmaster has had a breach of this scale it is important they inform customers but it is important to also consider that sometimes criminal hackers make false or inflated claims about data breaches – so people should not be overly concerned until a breach is confirmed.”
Ticketmaster has been approached for comment on the matter, but is yet to release a statement.
Get more stories like this in your inbox by signing up for IQ Index, IQ’s free email digest of essential live music industry news.