A major scandal hit Ticketmaster this week, with the personal data of 560 million customers put up for sale on the dark web. The author of the leak, known as “ShinyHunters”, showed off a 1.3TB folder of data online that was sold for $500,000 on hacking forums. The leaked data includes personal information such as names, email and residential addresses, phone numbers and credit card details. Despite the gravity of the situation, Ticketmaster’s parent company, Live Nation, remained silent until late Friday evening. The company publicly acknowledged the data breach and disclosed that it had discovered unauthorized activity in a third-party cloud database containing corporate data, primarily from its subsidiary Ticketmaster LLC, on May 20, 2024.
Live Nation launched an investigation with forensic investigators to understand what happened, and on May 27, 2024, a hacker offered corporate user data for sale on the dark web. The company is working to reduce the risks for its users and is cooperating with law enforcement. Furthermore, it informed authorities and users about unauthorized access to personal information. Despite the massive amount of data compromised, Live Nation said the incident has not had, and is not expected to have, a significant impact on its business operations or financial condition. However, the late response and lack of specific details about the breach have raised concerns among users and security experts.