Ticketmaster, owned by Live Nation, has suffered a major data breach that might impact millions of customers. On 20th May, the company noticed suspicious activity in a database, leading to an investigation. A week later, on the 27th, someone offered to sell what they claimed was Ticketmaster data on the dark web.

What Happend?

Hackread reported that the hacking group ShinyHunters claimed responsibility for the breach. They posted on BreachForums, a site for sharing stolen data, and demanded $500,000 for a 1.3TB database. This data includes names, addresses, phone numbers, and credit card details of 560 million users.

Live Nation’s filing with the U.S. Securities and Exchange Commission (SEC) didn’t confirm the extent of the breach or if ShinyHunters was indeed behind it. However, they assured that they are working to reduce the risk to their users and are cooperating with law enforcement.

How Can You Protect Yourself?

In light of this breach, it’s crucial for Ticketmaster (including the UK) users to stay vigilant. Here are some steps you can take:

• Watch out for phishing attempts: Be cautious of suspicious emails or messages.

• Regular Security Awareness Training: Help to keep your organisation and employee’s security top of mind.

• Monitor your accounts: Keep an eye on your bank and credit card statements for any unusual activity.

• Change your passwords: Use strong, unique passwords for your accounts.

Although Ticketmaster hasn’t released a public statement yet, they have previously advised users to only get contact info from their official website and be wary of fake customer service numbers.

The Bigger Picture

This breach comes at a challenging time for Ticketmaster. Recently, the U.S. Department of Justice (DOJ) sued Live Nation and Ticketmaster, accusing them of having a monopoly over live events in America. The DOJ claims that in 2022, Ticketmaster controlled 70% of ticket sales for large venues, while the nearest competitor managed only 14%. They also accuse Live Nation of using long-term contracts and other tactics to prevent venues from using other ticket sellers.

Who Are ShinyHunters?

ShinyHunters is notorious for hacking several companies in 2020 and 2021, including Tokopedia, Unacademy, Wattpad, AT&T Wireless, and Microsoft. In January, a French member of the group, Sebastien Raoult, was sentenced to three years in a U.S. prison for his involvement in these cyberattacks. Between 2020 and 2021, ShinyHunters sold data from over 60 companies, causing more than $6 million in losses.

What should I do if my data is compromised?

Start with the basics. Monitor your bank and credit card statements for any unusual activity. Change your passwords and use strong, unique ones. Be on the lookout for phishing attempts and avoid clicking on suspicious links or downloading attachments from unknown sources.

How can I tell if an email is a phishing attempt?

Phishing emails often create a sense of urgency or contain suspicious links and attachments. Check the sender’s email address carefully, and if anything seems off, don’t click on any links, or download attachments. When in doubt, contact the company directly using a verified method.

The Ticketmaster data breach is a stark reminder of the importance of cyber vigilance. By staying informed and taking proactive steps, you can protect your personal information. At PhishFrenzy, we’re here to help you and your team stay safe online. Reach out to us today to learn more about our security awareness training and how we can help safeguard your organisation against cyber threats.