A cybercriminal group known as Sp1d3rHunters has allegedly leaked 170,000 valid barcodes for Taylor Swift ERAS Tour events. These barcodes, which can be used for entry at upcoming concerts in Miami, New Orleans, and Indianapolis, were allegedly released for free online.
The hackers, notorious for previous high-profile breaches, have demanded US$2 million from Ticketmaster, threatening to release more sensitive data if their demands are not met. The cybercriminals value the threatened leaks at a staggering $4.67 billion.
Taylor Swift ERAS Tour Barcodes Breach: Details and Implications
Sp1d3rHunters, a combination of two well-known threat actors, ShinyHunters and Sp1d3r, have claimed responsibility for the leak. They warn that the release of Taylor Swift’s ERAS Tour barcodes is just the beginning.
If their ransom demand is not fulfilled, they threaten to release 30 million more event barcodes and 680 million users’ information. This includes tickets for events featuring artists like P!nk and Sting, as well as major sporting events such as F1 Formula Racing, MLB, and NFL games.
The allegedly leaked barcodes could potentially allow unauthorized access for thousands of fans, leading to overcrowded venues, safety hazards, and financial losses for both fans and organizers.
Additionally, Sp1d3rHunters has announced plans to release another celebrity-related leak next week, adding urgency to the situation.
The Cyber Express Team has reached out to Ticketmaster to verify the claim, but as of now, no response has been received. This leaves the claim unverified, but the potential impact remains severe.
Ticketmaster Previous Breaches and Ongoing Threats
The Ticketmaster data breach first came to light on May 27, 2024, when an individual using the alias “SpidermanData” claimed to have infiltrated Ticketmaster Entertainment, LLC, potentially exposing sensitive data of approximately 560 million users, including their card details. Shortly after, another hacker group, ShinyHunters, disclosed on May 29 that they had targeted Live Nation Entertainment, Inc., the parent company of Ticketmaster.
ShinyHunters claimed to have obtained a substantial cache of data, including customer profiles, ticket sales details, and partial credit card information. They reportedly have 1.3 terabytes of this stolen data, which they are offering for sale at a price of $500,000. This disclosure also mentioned a massive database breach involving “560M Users + Card Details,” matching the earlier claim by “SpidermanData.”
Live Nation later confirmed “unauthorized activity” on its database. In a filing to the U.S. Securities and Exchange Commission (SEC), Live Nation disclosed that a criminal actor had offered purported company user data for sale on the dark web. A spokesperson for Ticketmaster revealed that its stolen database was hosted on a Boston-based cloud storage and analytics company, Snowflake.
Snowflake stated that it had informed a “limited number of customers who we believe may have been impacted” by attacks “targeting some of our customers’ accounts.” However, Snowflake did not describe the nature of the cyberattacks or if data had been stolen from customer accounts.
To Wrap Up
The Sp1d3rHunters’ leak of 170,000 Taylor Swift ERAS Tour barcodes marks a critical moment in the ongoing battle against cybercrime. The substantial ransom demand and the threat of further data exposure highlight the vulnerabilities in the digital infrastructure of the event ticketing industry. This continuous threat cycle poses a significant challenge for Ticketmaster and other event organizers, who must now operate under the constant threat of further breaches.
Fans are advised to stay vigilant and monitor official channels for updates. Those who have already purchased tickets should verify their authenticity through Ticketmaster’s official verification processes to avoid falling victim to fraudulent activities.
The Cyber Express team will continue to monitor this developing story, providing updates as more information becomes available.
Update July 6, 1:10 PM: Statement from Ticketmaster Spokesperson to The Cyber Express
“Ticketmaster’s SafeTix technology protects tickets by automatically refreshing a new and unique barcode every few seconds so it cannot be stolen or copied. This is just one of many fraud protections we implement to keep tickets safe and secure. Some outlets are inaccurately reporting about a ransom offer. We were never engaged for a ransom and did not offer them money. “
