Ticketmaster confirmed in a federal filing Friday that it was investigating a data breach after a hacking group known as ShinyHunters claimed responsibility for stealing the information of more than 500 million Ticketmaster customers.
In filing with the U.S. Securities and Exchange Commission, Ticketmaster’s parent company, Live Nation Entertainment, said it had “identified unauthorized activity within a third-party cloud database environment.”
Who is behind the infringement?
ShinyHunters, a hacking group believed to have formed around 2020, are believed to have been behind the breach.
Brett Callow, a threat analyst at cybersecurity company Emsisoft, said it was a “credible threat actor,” although not much else was known about the group.
Their main goal appears to be to obtain personal records and sell them.
His previous victims included Microsoft and AT&T, among dozens of other companies in the United States and elsewhere, according to federal prosecutors.
In March, AT&T confirmed a breach in a press release and said it had affected approximately 70 million current or former customers.
In January, the US Department of Justice announced that a 22-year-old ShinyHunters member, a French national named Sebastien Raoult, had been sentenced to three years in prison and ordered to pay more than $5 million in restitution for conspiracy to commit wire fraud. fraud and aggravated identity theft.
Who was affected by the Ticketmaster breach?
The hack was first revealed in a May 28 post on a forum called BreachForums.
According to a screenshot of the post shared by Callow, the group posted that it had the identifying information of 560 million Ticketmaster customers, including credit card numbers and ticket sales.
The group indicated that the asking price for the data (said to be 1.3 terabytes in size) was $500,000.
It was not immediately clear when the breach occurred.
According to Ticketmaster’s public filing, the company first identified “unauthorized activity” on May 20.
“We are working to mitigate the risk to our users and the company, and have notified and are cooperating with authorities,” the document says. “As appropriate, we are also notifying regulatory authorities and users regarding unauthorized access to personal information.”
The FBI did not respond to a request for comment on Friday. Ticketmaster representatives did not respond to a request for additional comment.
In its filing, Live Nation said it did not believe the breach would have “a material impact on our overall business operations or our financial condition or results of operations.”
I am a Ticketmaster customer. What should I do to protect myself?
For now, Callow said, it does not appear that customer passwords have been compromised.
But if you have a Ticketmaster account, you should change your password as a precaution, he said.
This is the latest episode to put Ticketmaster under scrutiny.
The Justice Department filed a lawsuit against Live Nation on May 23, asking a federal court to dissolve the company for what the government said was its maintenance of an illegally maintained monopoly over the live entertainment industry.
The company has called the government’s accusations “baseless accusations.”