Hacking group claims Ticketmaster breach that yielded data of 560 million customers

A hacking group claims it’s breached global events giant Ticketmaster and stolen the details of 560 million customers.

The group, named ShinyHunters, said on an online forum that the stolen data includes the names, addresses, phone numbers and partial credit card details of Ticketmaster customers.

The data was available for $500,000 in a “one-time sale,” the group’s post said.

The Australian government said Thursday it was investigating the claims, and the FBI has offered assistance to Australian authorities, a spokesperson for the U.S. Embassy in Canberra told Agence France-Presse.

“The Australian Government is aware of a cyber incident impacting Ticketmaster,” a spokesperson for the Australia Home Affairs Department said in a statement to CBS News. “The National Office of Cyber Security is engaging with Ticketmaster to understand the incident.” The department urged people with “specific inquiries relating to this incident” to contact Ticketmaster.

Ticketmaster and its parent company, Live Nation, haven’t issued statements on the possible breach.

The authenticity of the dataset offered by ShinyHunters couldn’t be immediately verified.

The hack was first reported by the websites Hackread and Australia-based CyberDaily.

ShinyHunters’ hacking history

ShinyHunters burst into notoriety in 2020-21 when it put up huge troves of customer records from more than 60 companies, according to the U.S. Justice Department.

In January, a court in Seattle jailed Sebastien Raoult, a French computer hacker who was a member ShinyHunters.

He was sentenced to three years in prison and ordered to pay more than $5 million in restitution after pleading guilty to conspiracy to commit wire fraud and aggravated identity theft.

Prosecutors said the extensive hacking caused millions of dollars in losses to companies that were victimized and “unmeasurable additional losses” to hundreds of millions of people whose data was sold to other criminals.

Hacks are impacting more people with increasingly severe consequences, Katina Michael, a cybersecurity professor at Australia’s University of Wollongong, told AFP.

The number of people hacked “will grow, it could be up to one billion in the future,” she said.

Governments, companies and consumers aren’t doing enough to protect themselves or investing in basic protection mechanisms such as two-factor authentication, Michael warned.

Justice Department suing Ticketmaster and Live Nation  

Ticketmaster, which is based in Beverly Hills, operates one of the largest online ticket sales platforms in the world.

The Justice Department filed a federal lawsuit last week accusing Ticketmaster and its parent company Live Nation of illegally monopolizing the live entertainment industry to the detriment of concertgoers and artists alike.

In a 128-page civil suit filed in U.S. District Court for the Southern District of New York, federal officials alleged that Live Nation has illegally thwarted competition and unduly burdened consumers in part through its ownership of Ticketmaster, which effectively gives it control over much of the market for live entertainment.

Justice Department officials said they’re seeking structural changes to how the company does business, which could include breaking the two entities apart.

In 2022, Ticketmaster’s mishandling of ticket sales for Taylor Swift’s The Eras Tour prompted enormous public outcry over Live Nation’s hold on the entertainment and ticketing industries. The Justice Department’s Antitrust Division was already investigating the company when the Swift fiasco unfolded, CBS News previously reported.

Source link