In a chilling revelation, the notorious hacker group Shiny Hunters has announced an audacious breach of epic proportions. The collective claims to have infiltrated the digital fortresses of Ticketmaster and Live Nation, seizing the personal details of a staggering 560 million individuals
The hacker is demanding a payment of $500,000 USD ($752,000 AUD) for a one-time sale of the stolen information, which includes a sample showcasing ticket sales, event details, and order specifics. If verified, this breach could result in severe consequences for affected customers, such as identity theft and financial fraud.
ShinyHunters, is no stranger to headline-making data breaches. They’re also the brains behind Breach Forums, a well-known hub for cybercriminal activities.
The hack has sent shockwaves through the global community, as fears mount over the potential misuse of the stolen data.
The pilfered data, a trove of 1.3 terabytes, reportedly includes sensitive customer information such as names, addresses, contact details, credit card numbers, ticket orders, and even specifics of fraudulent activities.
The Department of Home Affairs acknowledged the cyber incident affecting Ticketmaster customers, following reports of a data breach that could potentially impact millions of customers worldwide.
The implications of the breach are profound, potentially putting millions at risk of identity theft and financial fraud, which could lead to a catastrophic wave of personal and financial turmoil if confirmed.
While the full scope of the breach remains uncertain, the hackers assert they possess the details of millions, including potentially Australians, who make up a significant portion of Ticketmaster’s five million customers in Australia and New Zealand.
The data was posted overnight on May 28, but intriguingly, a second hacker on a different, Russian forum made an identical post. It’s unclear if this second hacker has any connections to ShinyHunters.
According to Cybersecurity expert Mark Lukie the data breach will have have major implications for Australian customers.
“This could mean the potential risk of identity fraud and we would assume this data would be used for phishing or impersonation attacks down the track,”
“Users need to be very vigilant about their email and who they’re responding to and not giving out any information to people trying to trick them.” says Lukie
Troubling Times For Ticketmaster
Ticketmaster’s history with cybersecurity woes isn’t new. In January 2023, the company disclosed that a bot-driven assault disrupted ticket sales for Taylor Swift’s concerts, underscoring weaknesses in their ticketing infrastructure.
Moreover, in January 2021, Ticketmaster was found culpable of hacking into Songkick, a rival firm, to pilfer confidential data. This illicit activity resulted in a $10 million settlement paid to Songkick.
Adding to their troubles, last Thursday, on May 23, 2024, the US Department of Justice filed a lawsuit against Live Nation-Ticketmaster for monopolistic practices in the live concert industry.
The legal action brings into focus a recurrent pattern of cybersecurity lapses and ethical quandaries plaguing Ticketmaster throughout its history.
In 2009, Live Nation, first known for event promotion, revealed plans to join forces with Ticketmaster, the global leader in ticket sales for live music, sports, and theater events. This union gave rise to the powerhouse known as Live Nation Entertainment.
Ticketmaster users and customers are advised to monitor their financial accounts closely, change passwords, and remain alert about potential phishing attacks
