News: 1717023635

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

Miscreants claim they've snatched 560M people's info from Ticketmaster

(2024/05/30)


Ticketmaster is believed to have had its IT breached by cybercriminals who claim to have stolen 1.3TB of data on 560 million of the corporation's customers – and are now selling all that info for $500,000.

On Wednesday, Australia's Department of Home Affairs told The Register that government, at least, is "aware of a cyber incident impacting Ticketmaster," and that the "National Office of Cyber Security is engaging with Ticketmaster to understand the incident."

The records allegedly swiped from Ticketmaster include customers' names, email addresses, phone numbers, and physical addresses, as well as order info and credit card details — specifically, the last four digits of the cards plus names and expiration dates.

[1]

California-based Ticketmaster did not respond to The Register 's inquiries about the claimed security breach, including when the data would have been stolen — and what, if anything, happened in the claimed heist and its aftermath.

[2]

[3]

ShinyHunters, the miscreants who boasted of pilfering the Ticketmaster files, are now peddling it all on an underworld forum, and list "customer fraud details" and "much more" included in the one-time six-figure sale price for the data. To be clear: The Register has not verified the alleged customer database dump.

"Whether the dataset is real and, if it is, where and when it was obtained are both unclear," noted Emsisoft threat analyst Brett Callow, who [4]posted a screenshot of ShinyHunters' for-sale notice on Tuesday. This was before the Australian government confirmed there was at least a "cyber incident" affecting Ticketmaster.

[5]

The purported Ticketmaster data was put up for sale on Tuesday on the [6]now-revived BreachForums , which declares the ShinyHunters crew as its administrator.

ShinyHunters was one of two previous BreachForums administrators, before police [7]shut down an earlier incarnation of the notorious marketplace for stolen data and reportedly cuffed the other suspected admin two weeks ago. ShinyHunters [8]told DataBreaches it did contact Ticketmaster before offering the customer data for sale, and claimed the biz never opened the message nor responded to it.

[9]BreachForums returns just weeks after FBI-led takedown

[10]Uncle Sam's had enough of Live Nation and Ticketmaster, sues to end monopoly

[11]Live Nation CFO on Taylor Swift ticket chaos: Don't blame me, bots made me crazy

[12]2.8M US folks learn their personal info was swiped months ago in Sav-Rx IT heist

This is the same crew of miscreants who bragged about stealing private info belonging to [13]70 million AT&T customers in August 2021 before trying to sell it for $1 million.

If it's legit, the Ticketmaster data dump comes at an especially bad time for the corporation, which is owned by Live Nation Entertainment.

Last week, the US Department of Justice along with 30 state and district attorneys general, [14]sued the entertainment giant for its allegedly anti-competitive business practices, and "monopolistic control over the live events industry."

[15]

Plus, fans are still unhappy with the ticket giant over last November's bot fiasco, which [16]broke the Ticketmaster website and forced it to cancel its general sale of Taylor Swift concert tickets. The Swifties were not pleased.

Ani Chaudhuri, co-founder and CEO of data security firm Dasera, told The Register the long-term impact to Ticketmaster's reputation and customer trust could be "profound," following the latest breach accusations.

"To regain credibility, Ticketmaster should be transparent about the breach, its impact, and the steps to prevent future incidents," Chaudhuri said, suggesting a full-blown review and overhaul of its security infrastructure. ®

Get our [17]Tech Resources



[1] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2Zlf56PRDlZcGfHvZCots3QAAAA8&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0

[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Zlf56PRDlZcGfHvZCots3QAAAA8&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33Zlf56PRDlZcGfHvZCots3QAAAA8&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[4] https://x.com/BrettCallow/status/1795558185941541240

[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Zlf56PRDlZcGfHvZCots3QAAAA8&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0

[6] https://www.theregister.com/2024/05/28/breachforums_back_online/

[7] https://www.theregister.com/2024/05/15/fbi_breachforums_ransomware/

[8] https://databreaches.net/2024/05/28/hacked-ticketmasters-terrible-horrible-no-good-very-bad-week-just-got-worse/

[9] https://www.theregister.com/2024/05/28/breachforums_back_online/

[10] https://www.theregister.com/2024/05/23/feds_file_antitrust_complaint_to/

[11] https://www.theregister.com/2023/01/24/taylor_swift_bots_blamed/

[12] https://www.theregister.com/2024/05/28/savrx_data_theft/

[13] https://www.theregister.com/2024/03/18/att_alleged_data_leak/

[14] https://www.theregister.com/2024/05/23/feds_file_antitrust_complaint_to/

[15] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33Zlf56PRDlZcGfHvZCots3QAAAA8&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0

[16] https://www.theregister.com/2023/01/24/taylor_swift_bots_blamed/

[17] https://whitepapers.theregister.com/



(In Michael Palin's voice as Ken) "Revenge!"

Yorick Hunt

Australa's own [1]Shovel hit the nail on the head;

"Ticketmaster Hacker Demands $500K Ransom (Plus $300K Ransom Processing Fee, $220K Ransom Handling Fee)"

[1] https://theshovel.com.au/2024/05/30/ticketmaster-hacker-demands-500k-ransom-plus-300k-processing-fee/

Decade Blending:
In clothing: the indiscriminate combination of two or more
items from various decades to create a personal mood: Sheila =
Mary Quant earrings (1960s) + cork wedgie platform shows (1970s) +
black leather jacket (1950s and 1980s).
-- Douglas Coupland, "Generation X: Tales for an Accelerated
Culture"