Hacker group puts data of 560 million Ticketmaster customers up for sale

Names, phone numbers, addresses and partial credit card info were listed for sale for $500k on a dark web forum

By Griffin Eckstein

News Fellow

Published June 1, 2024 12:18PM (EDT)

In this photo illustration, the Ticketmaster logo is displayed on a smartphone screen and the Live Nation Entertainment in the background. (Rafael Henrique/SOPA Images/LightRocket via Getty Images)
In this photo illustration, the Ticketmaster logo is displayed on a smartphone screen and the Live Nation Entertainment in the background. (Rafael Henrique/SOPA Images/LightRocket via Getty Images)

Live Nation, Ticketmaster’s parent company, revealed in a Friday SEC filing to investors that hackers breached systems containing sensitive user data earlier in the month, and that it found that data for sale online.

The report confirms a hacking group’s claim that it obtained the names, phone numbers, addresses, transaction information and partial credit card information of 560 million Ticketmaster customers dating back to at least 2011. The group asked for $500,000 in exchange for the data on a dark web forum that had previously been shut down by the FBI, per the Australian Broadcasting Corporation.

The company has been slow to make a statement to customers, but cybersecurity experts suggest that those worried about breaches keep an eye on potentially leaked payment methods, and change passwords that could have been affected.

The ticketing giant was accused of holding an illegal monopoly on the American live events market by the Department of Justice last week, facing a massive antitrust lawsuit for its “unlawful, anticompetitive conduct.”

ShinyHunters, the group which posted the batch of data for sale, previously claimed to have stolen data from 70 million AT&T customers in 2021. They also claimed that, alongside Ticketmaster, they had obtained sensitive information from Santander Bank customers and employees.

Reports from cybersecurity firm Hudson Rock allege that cloud software provider Snowflake was the target of the attack, and that hackers claimed the ability to breach other Snowflake customers. The company lists clients including Pfizer, Ring, Bumble, DoorDash, and Mastercard on their website.

Live Nation said in its filing that it did not expect the breach to have a material impact on its own business, though it is unclear what support it is offering customers to secure their data in the interim. 

MORE FROM Griffin Eckstein