A menace actor often called ShinyHunters is promoting what they declare is the non-public and monetary info of 560 million Ticketmaster clients on the lately revived BreachForums hacking discussion board for $500,000.
The allegedly stolen databases, which have been first put up on the market on the Russian hacking discussion board Exploit, supposedly comprise 1.3TB of knowledge and the shoppers’ full particulars (i.e., names, dwelling and electronic mail addresses, and telephone numbers), in addition to ticket gross sales, order, and occasion info.
In addition they comprise buyer bank card info, together with hashed bank card numbers, the final 4 digits of the cardboard numbers, bank card and authentication sorts, and expiration dates, with monetary transactions spanning from 2012 to 2024.
ShinyHunters instructed BleepingComputer that there have an interest patrons within the knowledge and mentioned they really feel one could also be TicketMaster themselves. When requested when and the way the information was stolen, the menace actor mentioned they “can’t say anything about this.”
Nevertheless, cybersecurity collective vx-underground claimed to have spoken to some menace actors who allegedly breached Ticketmaster. They mentioned they may steal the information from the corporate’s AWS cases “by pivoting from a Managed Service Provider.”
Ticketmaster has but to answer to a number of requests from BleepingComputer to verify the menace actor’s claims and supply extra info on this alleged breach.
The FBI declined to remark when BleepingComputer requested in the event that they have been working with Ticketmaster to research an incident associated to ShinyHunters’ claims.
Whereas BleepingComputer can’t independently verify if the information is official, we now have reviewed quite a few samples shared by ShinyHunters, and the information seems to originate from TicketMaster.
Lawsuits and former breaches
Final week, the U.S. Division of Justice and a bipartisan coalition of 30 attorneys common sued Stay Nation Leisure and its Ticketmaster subsidiary for its anticompetitive conduct and violating the Sherman Antitrust Act by monopolizing the dwell occasions trade.
As Bloomberg first reported, clients have already filed a proposed class motion this week towards Ticketmaster and its father or mother firm, Stay Nation for this alleged knowledge breach. The motion consists of U.S. residents affected by this alleged breach.
The plaintiffs search punitive damages, precise damages, and attorneys’ charges, in addition to an order requiring Ticketmaster to pay for credit-monitoring providers and reveal what buyer knowledge was uncovered within the incident.
4 years in the past, Ticketmaster was fined $10 million for illegally accessing the programs of competitor CrowdSurge utilizing the credentials of one in all its former staff to gather enterprise intelligence and use it to “choke off” the rival firm’s enterprise.
In 2018, the corporate additionally disclosed a knowledge breach that affected roughly 5% of its buyer base after attackers stole Ticketmaster login info, fee particulars, and private info (i.e., names, addresses, electronic mail addresses, and phone numbers) belonging largely to U.Ok. clients from the programs of third-party vendor Inbenta.
A part of Stay Nation Leisure, Ticketmaster processes over 500 million tickets yearly throughout 30 nations and controls practically 80 % of the U.S. ticketing trade.