Ticketmaster parent company Live Nation has confirmed that internal data was exposed in a cyber-attack identified last month, with threat actors apparently targeting a third-party cloud environment.
The ticketing giant said in an SEC filing that the majority of the compromised data came from its Ticketmaster subsidiary, which chimes with earlier reports that as many as 560 million of the company’s customers may have been impacted.
“On May 20, 2024, Live Nation Entertainment identified unauthorized activity within a third-party cloud database environment containing company data … and launched an investigation with industry-leading forensic investigators to understand what happened,” the 8-K filing noted.
“On May 27, 2024, a criminal threat actor offered what it alleged to be company user data for sale via the dark web. We are working to mitigate risk to our users and the company, and have notified and are cooperating with law enforcement. As appropriate, we are also notifying regulatory authorities and users with respect to unauthorized access to personal information.”
That “criminal threat actor” is known as ShinyHunters. According to screenshots of the dark web ad, they are selling 1.3TB of stolen customer data, including names, addresses, emails and phone numbers, the last four digits of card numbers and expiry dates, ticketing order details and much more. The trove is on offer as a “one-time sale” for $500,000.
No tags.
