Alleged Ticketmaster, Live Nation Breach With Over Millions Compromised

A group of hackers is claiming that they have accessed the personal data of millions of Ticketmaster and Live Nation customers. According to multiple sources, the ShinyHunters hacking group has shared the details of an alleged hack of the company and is selling the data for a one-time price of $500,000.

A report from Hackread claims that a group known as ShinyHunters published a 1.3TB database of compromised customer data, on the newly-reopened BreachForums criminal site. 

They said the database contained sensitive information on 560 million users. This information includes payment data but also contains people’s names, postal addresses, email addresses, phone numbers, ticket sales and event details, order information, and even partial payment card data, for sale. The partial payment card data includes cardholder names, the last four digits of the cards, expiration dates, and some customer fraud details.

Information found there could be used in different ways, including phishing attacks, identity theft, and more. Ticketmaster users may want to take a few minutes to change their passwords.

TechRadar Pro reported that before offering the database for sale, ShinyHunters reached out to Ticketmaster-Live Nation in an “extortion attempt,” the group told Hackread - however the company allegedly did not respond to the group’s attempt to communicate. 

The outlet pointed out that the timing of the leak is quite “curious,” given the recent relaunch of BreachForums, one of the “most popular underground hacking forums in the world.” Specifically, just weeks after it was seized by the FBI, one of its key administrators, who goes by the alias Baphomet, was allegedly arrested. 

They also mention that the other key administrator was ShinyHunters, who apparently bragged about being out of the FBI’s reach in this case.

Some speculate that the breach might be a publicity stunt to get hackers interested in the new forum.

This comes at an especially bad time for Ticketmaster and Live Nation. As we've reported, about a week ago, the U.S. Department of Justice and 30 states filed a lawsuit against Live Nation Entertainment, which owns Ticketmaster. The lawsuit alleges that the ticketing giant has an illegal monopoly over the live music industry. The 128-page lawsuit was filed in federal court in the Southern District of New York on May 23.

The Live Nation lawsuit details the ticketing giant’s massive influence and control over the live music industry. It says Live Nation has “strategically acquired a number of smaller and regional promoters that it had internally identified as threats,” which has “undermined competition and impacted artist compensation.”

By doing this, the lawsuit claims Live Nation has unique control over concert ticket prices, as well as their highly controversial add-on fees, ranging from “Platinum” or “VIP” fees, “service” of “convenience” fees, and “facility” fees.

Additionally, the lawsuit states Live Nation “locks concert venues into long-term exclusive contracts so that venues cannot consider or choose rival ticketers or switch to better, more, or cost-effective ticketing technology.”

Recently, singer and songwriter Jon Bellion revealed the alleged pitfalls of his former deal with Live Nation. He disclosed the inner workings of his former deal on YouTube’s The George Janko Show.

"Basically, I got to a place in my career, we sold out 10,000 people at Jones Beach, I mean, it was the height of everything for me and it was right around the time I figured out how my Live Nation contract worked," Bellion recalled at the 13:02 mark in the video linked above. "It was right around the time I figured out how my record deal actually worked."

The singer could not understand why he was expected to pay off his advance when there were so many alleged loopholes being exploited by Live Nation. He recalled his deal being contingent on "hard ticket sales," while the live entertainment company solely profited off of a concept known as "peanuts, parking, and alcohol" that delivered a far greater financial haul than what Bellion was seeing.

Most people like to think they're pretty tech-savvy. However, Cobalt Labs, Inc., a platform for security and development, reported that 2,220 cyberattacks occur each day, which equates to 800,000 attacks per year. According to AAG, an IT services company, nearly 1 billion emails were exposed in a single year, affecting 1 in 5 internet users.

In January, there was a data breach that exposed billions of records online. Many outlets referred to this breach as the "Mother of All Breaches."  In a detailed report from CyberNews.com, the leak included websites like Dropbox, Linkedin, and X (formerly known as Twitter). They mentioned in their report that if users use the same passwords for their Netflix account as they do for their Gmail account, attackers can use this to pivot towards other, more sensitive accounts. They added, "Apart from that, users whose data has been included in supermassive MOAB may become victims of spear-phishing attacks or receive high levels of spam emails."

There are many ways to tell if you have been hacked, from redirected internet searches and unexpected installs to rogue mouse pointers. Some studies show that random pop-ups that quickly appear with links or advertisements can be a sign. Sometimes, one may see fraudulent antivirus warning messages, saying that your computer has been hacked from an antivirus "software" you have never actually installed. This can also be unwanted browser toolbars, emails sent from your email to your contacts, and passwords being declined among other telltale signs.

For many years, people have been told over and over again about the risk of hackers tapping into your technology. Even as technology advances and more and more security software and management techniques are created to prevent these hacks, scammers continue to find ways to break in.

There's only one sure way to avoid getting hacked. And that's to never go online. Unfortunately, many of us don't have that option. So, check out some of the top mistakes that can get you hacked below.

Many of us are still using the same password across many different accounts. While it's pretty common, it's not a good habit to have. If you're reusing passwords for multiple websites and accounts, a hacker could potentially use that password to log into those accounts. Nobody wants to have to remember a 16-digit password for every single one of their accounts, especially when getting locked out of a computer or platform at the most inconvenient time. But if a security breach were to happen, that's one less problem to worry about. Like, remembering which accounts are at risk of a threat.

Personal data exposure is really a thing. When you share personal information on social media, you expose yourself to the risk of identity theft and fraud. According to the New York Institute of Technology, Cybercriminals can use the information you share, such as your full name, date of birth, and location, to impersonate you or launch targeted attacks. Most people know that sharing sensitive information such as your car information, address, work history, or phone numbers can make you vulnerable. But some people forget that this information can also be identified through pictures and innocent as sharing your new car photo or your child's first day of school photo.

Hackers can use unsecured Wi-Fi connections to distribute malware. If you allow file-sharing across a network, the hacker can easily plant infected software on your computer. Free public Wi-Fi is available almost everywhere at places like restaurants, hotels, airports, bookstores, and even retail outlets. But public wi-fi comes with risks. "Hackers can also use an unsecured Wi-Fi connection to distribute malware. If you allow file-sharing across a network, the hacker can easily plant infected software on your computer," said Kaspersky, a tech company. Some people highly recommended looking into a VPN to encrypt internet traffic and keep your data hidden.

Clicking on a suspicious link or phishing link can sometimes set off a malware download that often contains malicious files. According to Aura, a credit monitoring platform, these links are capable of collecting information stored on your device. Hackers can steal credit card numbers, bank account numbers, usernames and passwords, and other personal information. If you’ve clicked on a phishing link, Cyber Tec Security suggest completely disconnecting from the internet.

The last thing many of us want to do is update our software. But there are many reasons why it's important to do so. Software updates not only fix and improve problems with your software it also helps you avoid hackers. According to the University of Idaho, software updates often include patches that fix vulnerabilities or bugs that hackers can exploit to access your system or data. "By installing the latest updates, you can reduce the risk of cyberattacks and protect your personal and business information," they said.

One of the most effective things you can do to protect your online accounts is turning on multi-factor, or two-factor, authentication for as many of your accounts as possible. This method often uses a piece of information such as a code generated by an app or sent to your phone alongside a password. Two-factor authentication adds an additional layer of security to the authentication process. According to Tech Target, using multi-factor authentication makes it harder for attackers to gain access to a person's devices or online accounts. Most companies have this in place for their employers but it's something you can use for personal emails too.