What you need to know about the alleged theft of Ticketmaster customer data

A group of cybercriminals claims they have stolen personal data from more than 100,000 people 500 million Ticketmaster customers. While the event ticketing service, owned by Live Nation Entertainment, has not confirmed the attack, security experts warn it could put users of the platform at risk for a range of scams.

The hackers, called ShinyHunters, said in an online forum that they have gained access to Ticketmaster customer information and plan to sell the data. But Jared M. Smith, an engineer at SecurityScorecard, a company that monitors breaches of Internet computer networks, cautioned that it remains to be seen whether the theft is real.

“It's still not verified. We don't know if the hackers who posted it are making this up or not, we're waiting for that,” he said. “It could be part of a publicity stunt.”

Here's what you need to know about what kind of data may have been exposed and how you can protect yourself.

What is ShinyHunters?

The hacking group emerged in 2020 and attracted attention the following year when it exposed vast amounts of customer data from more than 60 companies.

According to the Justice Department, the ShinyHunters stored and sold stolen data on the “dark web,” including customer databases containing personal and financial information. Members of the group also used social media to recruit potential buyers for the data, sometimes alerting the media to their exploits and posting images on a website that appeared to show stolen material. The targets included a range of companies and millions of consumers.

Sebastien Raoult, a French computer hacker and member of ShinyHunters, was sentenced in January to three years in prison and ordered to pay more than $5 million in restitution after pleading guilty to conspiracy to commit wire fraud and aggravated identity theft.

ShinyHunters may not have hacked Ticketmaster, but could instead effectively serve as a middleman by selling the customer data, experts noted. The group's message stated that the data was for sale for $500,000 in a “one-time sale.”

How many people may be affected?

ShinyHunters said it obtained personal information from 560 million Ticketmaster customers. While this would be one of the biggest cyber thefts of all time, one expert said some of the information the group claims to have stolen was likely already publicly available.

“The reality is that there's a lot of data missing, and that sounds really bad. But from a practical point of view, how many people have had information stolen that isn't yet available? A lot of it is public,” cybersecurity expert Joseph Steinberg told CBS MoneyWatch . “The raw data itself probably reveals much less than it seems. We sometimes get impressed by numbers, but what is much more important is the quality of the data and what it means.”

What type of information was allegedly made public?

ShinyHunters said it obtained the names, addresses, phone numbers, transactions and partial credit card information from Ticketmaster, which Smith described as a “juicy” trove of data for bad actors.

“It's a lot of information that you don't often see together. Often hackers just get usernames and passwords, and sometimes payment information. But you don't often see addresses and previous purchases, and all that together would make a pretty perfect set for a group to set up sites that resemble Ticketmaster sales partners to target consumers who they know have previously purchased event tickets,” he told CBS MoneyWatch.

“This breach would prey on a very easy target to scam people into buying counterfeit tickets,” Smith added.

What is Ticketmaster doing about the alleged attack?

Nothing yet. The company has not verified the alleged cyberattack. There was no immediate response to a request for comment.

The Australian government said Thursday it is investigating the hacking group's claims. The FBI has offered assistance to Australian authorities, a spokesperson for the US embassy in Canberra told Agence France-Presse.

“The Australian Government is aware of a cyber incident impacting Ticketmaster,” an Australian Department of Home Affairs spokesperson said in a statement to CBS News. “The National Office of Cyber ​​Security is working with Ticketmaster to understand the incident.” The department also urged people with “specific questions about this incident” to contact Ticketmaster.

What should Ticketmaster users do now?

First, and crucially, consumers should assume they are at risk of being hacked, Steinberg said, emphasizing the need for people to have the right mindset. For example, a consumer who believes he is being targeted by hackers will think twice before clicking on a link that will give him concert tickets for his favorite band from an unknown entity.

“You have to internalize the fact that you are a target. People who believe they are targeted behave differently than people who don't,” he said.

Regarding Ticketmaster, Smith urged consumers not to click on concert ticket sales links they don't recognize, and to call the service's support line to verify any offers.

“Someone who thinks they're not being targeted would say, 'Wow, this is great, not thinking they got the data from the Ticketmaster breach and socialized it,'” Steinberg said.

More generally, Steinberg recommended that people use two-factor authentication to protect their accounts.

Related Posts

Juneteenth Hack brings together black artists with augmented reality technology

A group of technology-driven artists from Oakland kicked off their first Juneteenth hackathon this week, a technology event aimed at changing the way art is discovered and seen in their…

Can high-speed commerce surpass e-commerce in India?

Even as high-speed commerce startups retreat, consolidate or close in many parts of the world, the model is showing encouraging signs in India. Consumers in urban cities are embracing the…

Leave a Reply

Your email address will not be published. Required fields are marked *

You Missed

The European election results raise fears about the weakening of climate ambitions

  • June 18, 2024
The European election results raise fears about the weakening of climate ambitions

Kansas is suing Pfizer for 'misleading statements' about its COVID vaccine

  • June 18, 2024
Kansas is suing Pfizer for 'misleading statements' about its COVID vaccine

Remco Evenepoel: The Tour de France contender who might have played for Belgium at Euro 2024

  • June 18, 2024
Remco Evenepoel: The Tour de France contender who might have played for Belgium at Euro 2024

Juneteenth Hack brings together black artists with augmented reality technology

  • June 18, 2024
Juneteenth Hack brings together black artists with augmented reality technology

The 2024 Summer Olympics in Paris could break heat records. Does this put athletes at risk?

  • June 18, 2024
The 2024 Summer Olympics in Paris could break heat records.  Does this put athletes at risk?

James Webb telescope helps improve technology

  • June 18, 2024
James Webb telescope helps improve technology

Kylian Mbappe broke his nose during France's 2024 Euro 2024 victory over Austria and may need surgery, reports say

  • June 18, 2024
Kylian Mbappe broke his nose during France's 2024 Euro 2024 victory over Austria and may need surgery, reports say

Approximately 100,000 pet insurance policies are being canceled nationwide

  • June 17, 2024
Approximately 100,000 pet insurance policies are being canceled nationwide

Here are our recommendations for the best 2024 nonfiction books : NPR

  • June 17, 2024
Here are our recommendations for the best 2024 nonfiction books : NPR

Maryland pardons 175,000 people for cannabis convictions

  • June 17, 2024
Maryland pardons 175,000 people for cannabis convictions

US Secret Service member robbed at gunpoint in California during Biden trip

  • June 17, 2024
US Secret Service member robbed at gunpoint in California during Biden trip