A hacking group has claimed to have obtained the personal data of more than 500 million Ticketmaster customers. ShinyHunters, a criminal hacking organisation that has previously obtained customer data from organisations such as AT&T Wireless and Microsoft, is reportedly offering the data on the dark web for $500,000.
According to Hackread, the information obtained during the alleged breach includes full names, addresses, phone and email details of the customers, as well as details of ticket purchases and partial payment card information.
Ticketmaster has yet to publicly comment on ShinyHunters' claims, although officials at Australia's Department of Home Affairs have confirmed they're "working with Ticketmaster to understand the incident".
Meanwhile, Christopher Budd, a threat researcher at British cybersecurity firm Sophos, has suggested that ShinyHunters' claims be initially treated with a degree of scepticism.
“Right now, since we only have the attackers’ words to go on, it’s too early to make any firm statements about whether there was a breach and what, if any, data was stolen," Budd tells Cyber Daily. "While there allegedly are new data in the dump, there is also older info, meaning it could be a series of concatenated data."
Last week, the US Department Of Justice filed a lawsuit against Ticketmaster's parent company Live Nation, saying its business acts to the detriment of fans, artists, venues and competition. And this week, a class action was filed with courts in New York, potentially on behalf of millions of American ticket buyers, accusing Live Nation and Ticketmaster of anticompetitive conduct.