Sign up for IQ Index
The latest industry news to your inbox.
Australia’s department of home affairs is investigating the alleged theft of the personal details of 560 million Ticketmaster customers by hackers.
The notorious ShinyHunters hacking group is reportedly demanding a US$500,000 (€462,000) ransom payment for the 1.3 TB of stolen data, which is said to include partial credit card details, customer names, addresses and emails.
A department of home affairs spokesperson says it is “working with Ticketmaster to understand the incident”, while the FBI has offered assistance to Australian authorities.
VX-Underground, which describes itself as the largest collection of malware source code, samples and papers on the internet, claims the hack was carried out in April.
Citing “multiple individuals privy to and involved in the alleged Ticketmaster breach”, it tweets: “An unidentified Threat Group was able to get access to Ticketmaster AWS instances by pivoting from a Managed Service Provider.
“We can assert with a high degree of confidence the data is legitimate”
“The Ticketmaster breach was not performed by ShinyHunters group. ShinyHunters is the individual and/or group which posted the auction of the data, they are acting as a proxy for the threat group responsible for the compromise.
“Based on data provided to us by the threat group responsible for the compromise, we can assert with a high degree of confidence the data is legitimate. Date ranges in the database appear to go as far back as 2011. However, some dates show information from the mid-2000s.”
It adds: “The data provided to us, even as a ‘sample’, was absurdly large and made it difficult to review in depth.”
Security researcher Kevin Beaumont tells the BBC: “If Ticketmaster has had a breach of this scale it is important they inform customers but it is important to also consider that sometimes criminal hackers make false or inflated claims about data breaches – so people should not be overly concerned until a breach is confirmed.”
Ticketmaster has been approached for comment on the matter, but is yet to release a statement.
Get more stories like this in your inbox by signing up for IQ Index, IQ’s free email digest of essential live music industry news.
The UK’s Information Commissioner’s Office (ICO) has fined Ticketmaster £1.25 million over a data breach that compromised the payment information of an estimated 9.4m customers in Europe, including 1.5m in the UK.
Concluding its investigation of a 2018 cyberattack which targeted Ticketmaster, TicketWeb and Get Me In! websites through a third-party customer support plug-in, the ICO found that Ticketmaster UK Ltd violated GDPR by failing to put in place “appropriate security measures” to protect its customers’ data.
ICO investigators found that, as a direct result of the Ticketmaster breach, 60,000 payment cards belonging to Barclays Bank customers had been subjected to known fraud. Another 6,000 cards were replaced by Monzo Bank after it suspected fraudulent use.
James Dipple-Johnstone, ICO deputy commissioner, says Ticketmaster failed to assess the risks of including the third-party product, a chatbot developed by Inbenta Technologies, on its payment page, as well implement appropriate security measures to negate those risks.
“Looking after their customers’ personal details safely should be at the top of organisations’ agenda”
The company also failed to identify the source of the fraudulent activity in a timely manner, having taken nine weeks from first being alerted to possible fraud (in February 2018) to finally monitoring the network traffic through its online payment page, according to the ICO.
“When customers handed over their personal details, they expected Ticketmaster to look after them,” says Dipple-Johnstone (pictured). “But they did not. Ticketmaster should have done more to reduce the risk of a cyberattack. Its failure to do so meant that millions of people in the UK and Europe were exposed to potential fraud.
“The £1.25 million fine we’ve issued today will send a message to other organisations that looking after their customers’ personal details safely should be at the top of their agenda.”
The Ibenta bot was removed from Ticketmaster’s websites in June 2018.
Get more stories like this in your inbox by signing up for IQ Index, IQ’s free email digest of essential live music industry news.
The disruption of an Israel Philharmonic Orchestra (IPO) virtual concert and fundraising gala last weekend was caused by a cyberattack, the orchestra has confirmed.
The attack – the first outage of a major livestreamed show since the format took off amid the coronavirus pandemic – crashed the websites of the IPO and its broadcast partner, Medici.tv, during the stream on Sunday 28 June.
More than 13,000 people had registered to view the hour-long event, hosted by Dame Helen Mirren, which aimed to help the orchestra overcome financial losses as a result of Covid-19.
No group has claimed responsibility for hacking the stream.
“Hackers were determined to silence our message and stamp out our voice, but they will not succeed”
“We were thrilled that so many had registered to join us for this event, giving us the opportunity to bring the healing power of music to people who need it at this difficult time,” comments Tali Gottlieb, executive director of the IPO Foundation.
“Our organisation had high hopes that this event would help us raise emergency funds to support the members of the Israel Philharmonic in the face of an unprecedented financial crisis.”
Danielle Ames Spivak, executive director of American Friends of the Israel Philharmonic Orchestra, which helped organise the event, adds: “Hackers were determined to silence our message and stamp out our voice, but they will not succeed. More than ever, we are determined to spread the Israel Philharmonic’s message of hope, peace, and beauty around the world.”
Get more stories like this in your inbox by signing up for IQ Index, IQ’s free email digest of essential live music industry news.
A computer scientist has been sentenced to a month in prison for hacking into the onsale for French metal festival Hellfest.
On 9 October, the man took the festival’s ticketing servers offline by sending 46,000 simultaneous connections to its Weezevent-powered box office, a court in Bobigny, Paris, heard. The man works in cybersecurity and is part of a group of hackers, but had no previous criminal convictions, according to 20 Minutes.
Found guilty of “fraudulent [activities] in an automated data-processing system”, the man was fined, in addition to the one-month jail term. The prosecution had pushed for a three-month suspended sentence.
The hacker told he wanted to buy tickets for Hellfest 2020 without “having to queue”
While the hacker reportedly told police that he wanted to buy tickets for Hellfest 2020 without “having to queue”, festival director Ben Berbaud tells Ouest-France the man did not buy a single pass. (During the half-hour cyberattack, all other buyers were presented with an error page.)
Even with the downtime, the festival sold out all 55,000 three-day passes in an hour and a half.
Hellfest 2020, the 15th edition of the event, takes place 19–31 June 2020. Hellfest 2019 performers included Kiss, Tool, Manowar, Def Leppard, Lynyrd Skynyrd, Whitesnake and Slayer.
Get more stories like this in your inbox by signing up for IQ Index, IQ’s free email digest of essential live music industry news.