{"id":24586,"date":"2024-05-30T03:10:38","date_gmt":"2024-05-30T11:10:38","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2024\/05\/30\/news-18316\/"},"modified":"2024-05-30T03:10:38","modified_gmt":"2024-05-30T11:10:38","slug":"news-18316","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2024\/05\/30\/news-18316\/","title":{"rendered":"The Ticketmaster “breach”\u2014what you need to know"},"content":{"rendered":"\n

Earlier this week, a cybercriminal group posted an alleged database<\/a> up for sale online which, it says, contains customer and card details of 560 million Live Nation\/Ticketmaster users.<\/p>\n

The data was offered for sale on one forum under the name “Shiny Hunters”. ShinyHunters is the online handle for a group of notorious cybercriminals associated with numerous data breaches, including the recent AT&T breach<\/a>. <\/p>\n

\"ShinyHunter
Post on BreachForums by ShinyHunters<\/em><\/figcaption><\/figure>\n

The post says:<\/p>\n

\n

\u201cLive Nation \/ Ticketmaster<\/p>\n

Data includes<\/p>\n

560 million customer full details (name, address, email, phone)<\/p>\n

Ticket sales, event information, order details<\/p>\n

CC detail \u2013 customer last 4 of card, expiration date<\/p>\n

Customer fraud details<\/p>\n

Much more<\/p>\n

Price is $500k USD. One time sale.\u201d<\/p>\n<\/blockquote>\n

The same data set was offered for sale in an almost identical post on another forum by someone using the handle SpidermanData. This could be the same person or a member of the ShinyHunters group.<\/p>\n

According to news outlet ABC<\/a>, the Australian\u00a0Department of Home Affairs said it is aware of a cyber incident impacting Ticketmaster customers and is \u201cworking with Ticketmaster to understand the incident.\u201d<\/p>\n

Some researchers expressed their doubts about the validity of the data set:<\/p>\n

\n
\n
\n

\"\ud83d\udea8\"\"\ud83d\udea8\"Thoughts on the alleged Ticketmaster Data Breach \"\ud83d\udea8\"\"\ud83d\udea8\"<\/p>\n

TLDR: Alert not Alarmed<\/p>\n

The Ticketmaster data breach claim has provided BreachForums with the quick attention they need to boost their user numbers and reputation. <\/p>\n

The claim has possibly been over-stated to boost\u2026 pic.twitter.com\/WJsFkBfQbw<\/a><\/p>\n

— CyberKnow (@Cyberknow20) May 29, 2024<\/a><\/p><\/blockquote><\/div>\n<\/figure>\n

While others judged it looks legitimate based on conversations with involved individuals, and studying samples of the data set:<\/p>\n

\n
\n
\n

Today we spoke with multiple individuals privy to and involved in the alleged TicketMaster breach.<\/p>\n

Sometime in April an unidentified Threat Group was able to get access to TicketMaster AWS instances by pivoting from a Managed Service Provider. The TicketMaster breach was not\u2026<\/p>\n

— vx-underground (@vxunderground) May 30, 2024<\/a><\/p><\/blockquote><\/div>\n<\/figure>\n

Whether or not the data is real remains to be seen. However, there’s no doubt that scammers will use this opportunity to make a quick profit.<\/p>\n

Ticketmaster users will need to be on their guard. Read our tips below for some helpful advice on what to do in the event of a data breach.<\/p>\n

You can also check what personal information of yours has already been exposed online with our Digital Footprint portal. Just enter your email address (it\u2019s best to submit the one you most frequently use) to our\u00a0free Digital Footprint scan<\/a>\u00a0and we\u2019ll give you a report.<\/p>\n

\n
\n
\n

<\/a>SCAN NOW<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n

All parties involved have refrained from any further comments. We\u2019ll keep you posted.<\/p>\n

Protecting yourself from a data breach<\/h2>\n

There are some actions you can take if you are, or suspect you may have been, the victim of a data breach<\/a>.<\/p>\n