Alleged hack of tickets giant could expose credit data

A group known as ShinyHunters claims it has hacked ticketing giant Ticketmaster.

A group known as ShinyHunters claims it has hacked ticketing giant Ticketmaster. Photo: Getty

Millions of Australian Ticketmaster users are in the dark about whether hackers have proffered their personal information, such as credit card details, on the dark web.

The hacker group ShinyHunters is allegedly attempting to sell 560 million users’ stolen data after claiming to have hacked the ticketing giant, owned by Live Nation.

However, Ticketmaster has not publicly confirmed the alleged breach and the Australian government has only said it is working with Ticketmaster to understand a cyber security incident.

Ticketmaster reportedly has five million users in Australia and New Zealand.

It is not yet known if Australian customers have been exposed.

The story was broken by cyber security industry publication CyberDaily which came across online posts from the hackers trying to sell the material on the dark web.

ShinyHunters appear to be trying to fetch a price of $US500,000 ($750,000) for the private data.

CyberDaily said a sample of the data that the hackers offered as a taster for potential buyers included the last four digits of credit cards, credit card expiration dates, customer names, addresses, and emails.

The material is said to total 1.3 terabytes in 16 folders.

“560 million customers full details (name, address, email, phone),” ShinyHunters reportedly said in its post.

“Ticket sales, event information, order details.”

According to CyberDaily, the data was posted overnight on Tuesday, May 28.

Sophos News threat research director Christopher Budd told CyberDaily it was too early to know if the hacking claim was legitimate.

“Right now, since we only have the attackers’ words to go on, it’s too early to make any firm statements about whether there was a breach and what, if any, data was stolen,” Budd said.

“While there allegedly are new data in the dump, there is also older info, meaning it could be a series of concatenated data.

“Regardless of whether the breach is legitimate, the attackers have been successful in drawing attention to a criminal forum that was recently taken down.

“As with many take downs like this, we often see the sites rebooted, so organisations should never let their guard down.”

Stay informed, daily
A FREE subscription to The New Daily arrives every morning and evening.
The New Daily is a trusted source of national news and information and is provided free for all Australians. Read our editorial charter.
Copyright © 2024 The New Daily.
All rights reserved.