Ticketmaster data breach 2024: Everything to know as hacker group ShinyHunters offer to sell 560M customers' info for $500K

Ticketmaster data breach 2024 (Image via Wikimedia Commons/@Tdorante10)
Ticketmaster data breach 2024 (Image via Wikimedia Commons/@Tdorante10)

In a staggering revelation that has sent shockwaves through the digital world, Ticketmaster, the global leader in ticket sales and distribution, has fallen victim to a massive data breach in 2024.

As per the BBC, the breach that occurred on May 30, 2024, potentially exposed the personal information of a staggering 560 million customers. Hacker group ShinyHunters has emerged as the mastermind of this breach and is now offering to sell the compromised data for a mere $500,000.

The Australian government, which first reported the data breach, told CBS News that they are aware of the situation involving data breaches at Ticketmaster —

"The Australian Government is aware of a cyber incident impacting Ticketmaster," says an Australia Home Affairs Department spokesperson.

Ticketmaster Entertainment is an American ticket sales and distribution company based in Beverly Hills, California. Founded in 1976, it operates globally and serves millions of customers each year. The company facilitates the sale of tickets on behalf of event organizers and venues, offering convenience to buyers and sellers.

Unraveling the Ticketmaster data breach of 2024

Ticketmaster, a fully owned subsidiary under Live Nation, data was breached (Image via Getty)
Ticketmaster, a fully owned subsidiary under Live Nation, data was breached (Image via Getty)

Ticketmaster, a titan in ticket sales and distribution, faces unprecedented turmoil in 2024 when news of a colossal data breach emerges.

As per the Times Now News, approximately 1.3 gigabytes of data have been stolen. Reportedly, the compromised data includes names, phone numbers, addresses, email addresses, purchase information, facts on ticket sales and events, and the users' and customers' partial credit card information.

Moreover, as reported by Times Now News, the compromised customers' payment data includes their name, card number expiration dates, last four digits, and consumer fraud information.

The hacker group ShinyHunters has come forward, taking responsibility for data breaching and demanding $500,000, as first reported by Hack Read on May 28, 2024.

As per CBS, the Australian government said on Thursday, May 30, 2024, that they are in contact with the ticket company to comprehend the details and implications of the incident.

"The National Office of Cyber Security is engaging with Ticketmaster to understand the incident," says a spokesperson.

Mark Lukie, the cybersecurity expert and director of several IT companies, reported to ABC News that the hacked data will possibly be utilized for "phishing or impersonation" attacks in the future.

"This could mean the potential risk of identity fraud, and we would assume this data would be used for phishing or impersonation attacks down the track," Lukie said.

Furthermore, he advised users to be highly cautious when replying to emails and to refrain from providing any personal information to individuals who may be attempting to manipulate them.

"Users need to be very vigilant about their email and who they're responding to and not giving out any information to people trying to trick them," the cybersecurity expert told ABC News.

Mark Lukie further noted that organizations with massive customer data have become increasingly attractive targets for criminal organizations. He further proposed suggesting that to "protect" themselves, they should consider "multi-factor authentication."

"From a commercial standpoint it's making them lots of money and the more data these organisations have the more they become a target for these criminal organisations. We should all be looking for multi-factor authentication and additional resources to protect ourselves".

On May 30, 2024, an engineer at an information security company, SecurityScorecard, Jared M. Smith, told CBS that the "theft is still not verified." He further said that this could be part of a "publicity stunt."

"It's still not verified. We don't know whether the hackers that posted it are making this up or not, that's something we're waiting for. It could be part of a publicity stunt," Smith said.

Suggesting the gain of the hackers from this breach, Smith told CBS MoneyWatch that the most likely prey would be the audience for whom the hackers will set up sites looking like Ticketmaster and will end up scamming them by selling fake tickets.

"All of that together would make quite a perfect set up for a group to put up sites that look like Ticketmaster sales partners to target consumers they know have purchased event tickets before. This breach would prey on a really easy target audience to scam people into buying fake tickets," Smith said.

As the investigation continues, cybersecurity officials and other authoritative individuals have suggested that customers not click on links they do not recognize and call the customer support line to verify any offer. Moreover, Ticketmaster has not commented on the incident yet.

App download animated image Get the free App now