A threat actor known as ShinyHunters is selling what they claim is the personal and financial information of 560 million Ticketmaster customers on the recently revived BreachForums hacking forum for $500,000.
The allegedly stolen databases, which were first put up for sale on the Russian hacking forum Exploit, supposedly contain 1.3TB of data and the customers' full details, as well as ticket sales, order, and event information.
They also contain customer credit card information, including hashed credit card numbers, the last four digits of the card numbers, credit card and authentication types, and expiration dates, with financial transactions spanning from 2012 to 2024.
ShinyHunters told BleepingComputer that there are interested buyers in the data and said they feel one may be TicketMaster themselves.
Cybersecurity collective vx-underground claimed to have spoken to some threat actors who allegedly breached Ticketmaster.
Ticketmaster has yet to reply to multiple requests from BleepingComputer to confirm the threat actor's claims and provide more information on this alleged breach.
The FBI declined to comment when BleepingComputer asked if they were working with Ticketmaster to investigate an incident related to ShinyHunters' claims.
While BleepingComputer cannot independently confirm if the data is legitimate, we have reviewed numerous samples shared by ShinyHunters, and the data appears to originate from TicketMaster.
Last week, the U.S. Department of Justice and a bipartisan coalition of 30 attorneys general sued Live Nation Entertainment and its Ticketmaster subsidiary for its anticompetitive conduct and violating the Sherman Antitrust Act by monopolizing the live events industry.
As Bloomberg first reported, customers have already filed a proposed class action this week against Ticketmaster and its parent company, Live Nation for this alleged data breach.
The action includes U.S. residents affected by this alleged breach.
The plaintiffs seek punitive damages, actual damages, and attorneys' fees, as well as an order requiring Ticketmaster to pay for credit-monitoring services and reveal what customer data was exposed in the incident.
In 2018, the company also disclosed a data breach that affected roughly 5% of its customer base after attackers stole Ticketmaster login information, payment details, and personal information belonging mostly to U.K. customers from the systems of third-party vendor Inbenta.
Part of Live Nation Entertainment, Ticketmaster processes over 500 million tickets annually across 30 countries and controls nearly 80 percent of the U.S. ticketing industry.
FBI seize BreachForums hacking forum used to leak stolen data.
Everbridge warns of corporate systems breach exposing business data.
Intercontinental Exchange to pay $10M SEC penalty over VPN breach.
Europol confirms web portal breach, says no operational data stolen.
Ascension redirects ambulances after suspected ransomware attack.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 May 2024 20:35:45 +0000