CyberInsider

Reliable cybersecurity news and resources

General

Guides

About

Cyber Insider covers the latest news in the cybersecurity and data privacy world. In addition to news, we also publish in-depth guides and resources.
See our Mission >

TicketMaster Hacker Leaks 1 Million Records to Raise Extortion Heat

By Leave a Comment
TicketMaster Hacker Leaks 1 Million Records to Raise Extortion Heat

A major data breach has exposed the personal information of 1 million TicketMaster users, with the data leaked on BreachForums by a hacker known as Sp1d3r. The leaked data includes sensitive information such as names, addresses, IP addresses, emails, dates of birth, and partial credit card details.

The leak was announced by Sp1d3r earlier today, with the hacker claiming that TicketMaster had ignored their attempts to negotiate a sale of the data. In response, Sp1d3r decided to release the information for free, highlighting TicketMaster's alleged disregard for the privacy of their 680 million customers. The leaked data comprises a comprehensive array of personal details, which could be used for various malicious activities including identity theft and financial fraud.

The leaked dataset includes:

  • Customer ID
  • MD5 Hex and HMAC values
  • IP addresses
  • Browser and session cookie values
  • Payment method details, including credit card types, last four digits, and expiration dates
  • Personal details such as names, genders, dates of birth, and addresses
  • Email addresses and phone numbers

This data was given away almost for free, with the attacker putting the price to unlock to a single credit on BreachForums, which is a very low, symbolic price. What this does is to ensure only registered members of the forums can access the leaked data, preventing scraping.

TicketMaster, part of Live Nation Entertainment, is a leading American ticket sales and distribution company based in Beverly Hills, California. Operating worldwide, it merged with Live Nation in 2010. The scale and nature of the breach pose significant risks to the company's reputation and customer trust.

Earlier reports suggested that a broader security incident at cloud vendor Snowflake might be behind the recent data breaches affecting TicketMaster and other clients, including Santander Bank. It was later revealed that the breaches resulted from Snowflake account hijacks, with no evidence suggesting a central compromise in the provider's enterprise environment. Mandiant attributed the attacks to the financially motivated threat group tracked as ‘UNC5537.'

With the first million records leaked in an extortion move, it's not unlikely that more massive dumps will follow shortly, assuming that TicketMaster isn't interested in negotiating a ransom payment to Sp1d3r.

About Alex Lekander

Alex is the founder and Editor-in-Chief of CyberInsider.com. His background and expertise includes digital privacy, security, and tech journalism. When he’s not working behind a screen, Alex is probably tinkering with a boat or enjoying the outdoors.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *