Live Nation recently confirmed reports that its subsidiary Ticketmaster experienced a data breach — compromising the personal information of its customers. Although there’s still no official word on the number of people affected, the extent of the breach will no doubt be exacerbated by the company’s status as a major marketplace for live events like concerts. A fact that makes the recent charges levied against them for being an “illegal monopoly” by the U.S. Department of Justice all the more timely. But whatever the outcome of that suit — they’ll be a small comfort for users who’ve had their data illicitly exchanged on the dark web.
The public first heard of the breach on May 28, when Hackread reported that the hacking group ShinyHunters had claimed responsibility for stealing supposedly 1.3 TB of personal data belonging to 560 million users of Ticketmaster. This allegedly includes everything from full names, physical/email addresses, phone numbers, ticket sales, order information, and partial payment data like the last four digits of card numbers.
According to the post, the group has chosen to ransom the data for $500,000 — a drop in the bucket compared to how much they make off service fees. “with the money they charge for tickets ticketmaster better pay up lmao,” @KmaFr_ on X remarked. Others were quick to point out the irony of a multi-billion dollar company that lacks the funds (or rather the inclination) to secure customer data. “Soooo the $76.54 they charge in ‘processing fee’ hasn’t allowed them to invest in better securities?” @xoxo_cb complained on Instagram.
Live Nation has yet to confirm any of the claims shared by ShinyHunters with Hackread. In its filing with the U.S. Securities and Exchange Commission (SEC), the company acknowledged a breach was discovered on May 20, and then on May 27 a “criminal threat actor offered what it alleged to be Company user data for sale via the dark web.” Yet the true extent of the hack and the sensitivity of the data accessed is still not clear. But Ticketmaster is being transparent and proactive in its communication with customers…right? Not exactly.
Despite the company’s reassurances that the incident will not have a “material impact on [their] overall business operations or…financial condition,” the fact that Live Nation waited a staggering eleven days to notify and warn customers about the breach, waiting until the filing with the SEC, or that they prioritized sharing the information with shareholders on May 31 over the public, doesn’t exactly inspire confidence.
It also doesn’t help that this is far from the first time Ticketmaster’s cybersecurity has failed to protect vulnerable data. Last year the company was forced to admit that a bot-driven attack was responsible for the 2022 Taylor Swift fiasco in which ticket sales were paused due to an overload of website traffic. Even more shocking is the guilty ruling Ticketmaster received in 2021 for hacking and spying on Songkick, a concert discovery service owned by Warner Music Group. Using passwords obtained by a former employee, they sought to “choke off the victim’s business.”
Cool Gifts for Music Lovers
The best concert earplugs to protect your hearing
This guitar is adorable! Aspiring musician?
Style & Function: Impress friends at your next party
Two California residents are among the first to file a lawsuit against Live Nation and Ticketmaster for the recent data breach. But they are not the only ones voicing their discontent with the negligence both companies have shown toward protecting or respecting such sensitive information. “you have a better chance of having your data stolen than scoring the seats you wanted,” @TepuKhan observed. Plenty of others have similarly taken to social media to express their frustration and concern over not just their data — but their accounts and tickets.
Those who want to safeguard against the possibility of their information being compromised should be wary of phishing attempts, carefully watch accounts for payment options that have been used, and change their passwords. The breach has also highlighted the importance of using multifactor authentication options to protect your accounts, as it’s now believed that hackers gained access by targeting accounts on a third-party cloud database provider used by Ticketmaster, known as Snowflake, that lacked those safeguards.
It appears to be a recurring issue with Ticketmaster that its customers continue to bear the brunt of the consequences, whether through exorbitant fees, bots, scalpers, or the exposure of sensitive data.
Words: Steven Ward
ARTISTS YOU SHOULD KNOW
BEST NEW MUSIC
This post may contain affiliate links. Ads and affiliate links are how independent blogs like Grimy Goods can operate. Thank you for supporting our work and being a part of our music community.
