A cybercriminal going by the alias “SpidermanData” has claimed to breach and advertise a massive database purportedly linked to Ticketmaster Entertainment, LLC. The claim of the Ticketmaster data breach, dated May 27, 2024, was posted on the cybercrime forum Exploit and shares threatening information about the organization, including database of “560M Users + Card Details”.
The threat actor has also claimed to have access to 1.3TB of stolen data and is currently selling it for $500k. The post, accompanied by sample data, suggests that the data indeed belongs to Ticketmaster Entertainment. However, the American ticket sales and distribution company has yet to share any information about this alleged Ticketmaster data breach.
Additionally, apart from the Ticketmaster data breach, the company is also facing a lawsuit from The Justice Department for anti-competitive practices, limiting venue options, and threatening financial consequences.
The lawsuit follows public outcry, including ticketing issues during Taylor Swift’s tour. High prices, fueled by post-pandemic demand, have intensified scrutiny. Live Nation denies monopolistic behavior, but the lawsuit contends their dominance drives up prices. The Ticketmaster data breach poses another threat to the organization since databases of this caliber are usually the hot-selling items on the dark web.
Ticketmaster Data Breach: The Worst Time to Have a Cybersecurity Incident
SpidermanData claims to have access to a staggering 560 million records brimming with personally identifiable information (PII) of customers, including sensitive payment card details. This breach couldn’t have come at a worse time for Ticketmaster, coinciding with the onset of several major music festivals scheduled between May 2024 and January 2025.
Among these highly anticipated events is the FOREIGNER concert, featuring legendary rock acts led by Mick Jones and Kelly Hansen. The musical act will begin on June 11, 2024, in the United States and will conclude on November 9, 2024.
Following suit is the iconic band HEART, set to perform across the United States from July to November 2024, culminating in an international concert in Calgary, AB, Canada. Meanwhile, Allison Russell and Hozier are primed to perform from May to August 2024.
Adding to this list of bands performing this year, artists like Ian Munsick, Prateek Kuhad, and Kathleen Hanna will also go on tours across North America between 2024 and 2025. However, the jubilant atmosphere surrounding these events is now overshadowed by the threat of, one of the biggest data breaches, threatening millions of users globally.
The purportedly compromised data, amounting to a staggering 1.3 terabytes, has been divided into 15 parts, with the hacker offering samples from two segments. One dataset, extracted from a ‘PATRON’ database, contains a plethora of personal information, including names, addresses, emails, and phone numbers. Meanwhile, the other dataset includes information about customer sales, encompassing crucial details like event IDs and payment methods.
The Aftermath and Industry Implications
SpidermanData has listed the entire dataset for sale, quoting a hefty price tag of USD 500,000, and restricting the sale to a single buyer. The gravity of this situation cannot be overstated, with the compromised data posing significant risks of identity theft, financial fraud, and other criminal activities – something we’ve already seen in previous data breaches like the MOVEit File Transfer incident.
Live Nation Entertainment, the parent company of Ticketmaster, stands as a global juggernaut in the live entertainment domain, organizing and promoting thousands of shows annually across more than 40 countries. Meanwhile, Ticketmaster’s pivotal role in facilitating ticket sales for musical and non-musical events highlights its significance within the industry, making it a prime target for cybercriminals seeking to exploit vulnerabilities for personal gain.
The current Ticketmaster data breach is not the first time that the organization has faced a cyberattack. In November 2020, the company faced a hefty £1.25 million fine from the Information Commissioner’s Office (ICO) following a payment data breach in 2018. The breach, stemming from a vulnerability in a third-party chatbot, compromised the personal and payment details of over nine million customers in Europe, triggering widespread fraud and financial losses.
Whether the current data breach represents a resurgence of previously compromised data or the acquisition of freshly stolen data, the premise origin of the information about the databases remains unclear. Nevertheless, The Cyber Express will be closely monitoring the situation and we’ll update this post once we have more information on the Ticketmaster data leak or any official confirmation from the organization.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
