In recent events, hackers have attempted to extort Ticketmaster by claiming to have stolen ticket barcodes worth over $22 billion. The attackers, identified as ShinyHunters, have already leaked barcodes for Taylor Swift’s Eras tour on hacker forums and threatened to release more if their ransom demands are unmet.
ShinyHunters initially demanded $1 million from Live Nation, Ticketmaster’s parent company, but later increased their demand to $8 million. They claim to have compromised 193 million barcodes and possess information on 680 million ticket orders, 440 million unique email addresses, and partial information from 400 million encrypted credit cards.
Ticketmaster officially acknowledged the data breach with an SEC filing in late May and has since begun notifying all affected customers. However, the full extent of the breach is not known to the public and has not been confirmed by Ticketmaster. In our earlier report, Ticketmaster only confirmed that user accounts and passwords are unaffected.
Despite the alarming scope of the breach, Ticketmaster asserts that the leaked barcodes are “worthless.” The company employs SafeTix technology, which refreshes ticket barcodes every few seconds, rendering stolen or copied barcodes unusable. Ticketmaster told us, “This is just one of many fraud protections we implement to keep tickets safe and secure.”
The hackers, undeterred by these security measures, have continued their threats. On July 5, a user known as Sp1d3rHunters, believed to be affiliated with ShinyHunters, posted another batch of 170,000 Taylor Swift tickets and threatened to leak additional data if Ticketmaster did not pay $2 million.
ShinyHunters has a history of high-profile data breaches. Most recently, it is believed that they were passed over access to various databases from Snowflake, a cloud-based data warehousing service; the access to the said databases was obtained by another threat actor using stolen credentials via information-stealing malware. Victims include Ticketek, Pure Storage, and Advance Auto Parts.
While the hacker group’s claims are concerning, Ticketmaster denies any negotiations with the attackers. According to the company, reports of offering $1 million to ShinyHunters are false. They remain firm in their stance, emphasizing that the stolen barcodes cannot be used for fraudulent entry to events.
The breach has caused concern among customers, particularly those holding tickets to high-demand events like Taylor Swift concerts. However, Ticketmaster has reaffirmed that customers’ tickets remain secure due to its security measures.
