Data leak at Ticketmaster, over 560 million customers affected

Over 500 million Ticketmaster customers' personal data were hacked. Live Nation Entertainment, Ticketmaster's parent company, has confirmed that it is investigating a data breach at the ticket seller. A report filed by Live Nation with the U.S. Securities and Exchange Commission (SEC) states that "unauthorized activity" was detected in a database containing primarily Ticketmaster data.

A hacker group called ShinyHunters reported on Thursday that it was in possession of the personal data of 560 million Ticketmaster customers. This data included names, addresses, email addresses, telephone numbers, credit card details, and ticket purchases. The group shared the evidence for capturing that data on the dark web. The news about the data leak then went viral on social media. The investigation into the attack is ongoing in Australia, and the FBI has offered its assistance.

The hacker group stated that the data could be retrieved for 500,000 dollars, the New York Times reported.

However, it remains unclear exactly when the hackers accessed the customers personal data. According to Ticketmaster's public records, "unauthorized activity" was first detected on May 20, the New York Times wrote.

"We are working to minimize the risks to our users and the company and have notified law enforcement, with whom we are cooperating," Live Nation said in the filing. The company added that the incident "has not had a material impact on our overall business operations or on our financial condition or results of operations, and we do not reasonably believe it will."

Much is still unclear about the cyber attack, including whether Dutch customers' personal data has also fallen into the hands of cybercriminals. On Friday, a Dutch spokeswoman said on behalf of Ticketmaster that she had no information on this yet. The Authority for Personal Data (AP), which requires organizations and companies to report data breaches, was also unable to say anything.

ShinyHunters is a well-known name in cybercrime. Fox-IT cybersecurity expert Willem Zeeman said the group is mainly known as an intermediary and may not have attacked Ticketmaster itself. Criminals, Zeeman said, can impersonate Ticketmaster in emails to obtain even more data from customers. Thus, people can become the target of identity theft, fraudulent transactions, and phishing attacks.