Live Nation, Ticketmaster’s parent company, revealed in a Friday SEC filing to investors that hackers breached systems containing sensitive user data earlier in the month, and that it found that data for sale online.
The report confirms a hacking group’s claim that it obtained the names, phone numbers, addresses, transaction information and partial credit card information of 560 million Ticketmaster customers dating back to at least 2011. The group asked for $500,000 in exchange for the data on a dark web forum that had previously been shut down by the FBI, per the Australian Broadcasting Corporation.
The company has been slow to make a statement to customers, but cybersecurity experts suggest that those worried about breaches keep an eye on potentially leaked payment methods, and change passwords that could have been affected.
The ticketing giant was accused of holding an illegal monopoly on the American live events market by the Department of Justice last week, facing a massive antitrust lawsuit for its “unlawful, anticompetitive conduct.”
ShinyHunters, the group which posted the batch of data for sale, previously claimed to have stolen data from 70 million AT&T customers in 2021. They also claimed that, alongside Ticketmaster, they had obtained sensitive information from Santander Bank customers and employees.
Reports from cybersecurity firm Hudson Rock allege that cloud software provider Snowflake was the target of the attack, and that hackers claimed the ability to breach other Snowflake customers. The company lists clients including Pfizer, Ring, Bumble, DoorDash, and Mastercard on their website.
Live Nation said in its filing that it did not expect the breach to have a material impact on its own business, though it is unclear what support it is offering customers to secure their data in the interim.
Shares