Ticketmaster begins issuing notifications on a recent breach

July 2, 2024
Ticketmaster Data Breach Cyberattack Stolen Data Hackers

Ticketmaster has started to disseminate notification letters to its consumers affected by the recent data breach that the platform suffered. The recent incident was when the hackers stole the company’s Snowflake database, which contained the personal information of millions of users.

According to reports, Ticketmaster recently identified an unauthorised third party that acquired important information from a cloud database stored by one of their third-party data services providers.

The company also explained that its initial analysis of the campaign uncovered that the data breach occurred between April and May 2024. On May 23, 2024, the investigators found that the event may have affected some customers’ personal information. As of now, they have yet to record data misuse or any additional illegal activity in the cloud database.

However, the company disclosed in the notification letters that the incident compromised consumers’ names, basic contact information, and some details, which vary by user. Hence, the company advises consumers to be vigilant against identity theft and fraud. Also, Ticketmaster has offered every affected individual a year of free identity monitoring to track their credit history.

While Ticketmaster casually stated that the breach affected more than 1000 people, it affected millions of consumers globally and disclosed what many would consider much more sensitive information.

 

The Snowflake data theft attack transpired during the Ticketmaster hack.

 

This incident started after a threat actor known as ShinyHunters allegedly sold stolen information from the company. The attackers claimed to have obtained 560 million consumers’ personal and credit card information.

In addition, these attackers used the stolen credentials without MFA to access data from the customers’ Snowflake accounts. Snowflake is a cloud-based data warehousing company that provides enterprises with storage spaces for databases, analyses data and performs analytics.

However, the ShinyHunters group exploited this service and sold the stolen data on a well-known hacker forum for $500,000. The threat actor stated that the data totalled 1.3TB and included information on 560 million consumers, ticket sales, event information, customer fraud, and partial credit card information.

On the other hand, Ticketmaster confirmed the hack late last month after filing an SEC report, implying that it did not anticipate the incident would have a meaningful impact on its business.

Potentially affected individuals should enrol in the credit monitoring service offered by Ticketmaster and refrain from engaging in unsolicited communications, as threat actors could use the stolen data to deceive users.

About the author

Leave a Reply