Australian online ticket seller and concert promoter Ticketek has experienced a significant data breach affecting 17.6 million customers. Security researcher Troy Hunt confirmed the breach, which exposed personal information such as dates of birth, email addresses, gender, names, and password hashes.
Verifying data breaches is a lot easier when your own personal info is in there 😠The sender of this breach was kind enough to pull my record out and lead with that in our conversation.
Troy Hunt on Twitter
While the Australian Minister for Cyber Security had previously acknowledged that many Australians were affected, specific numbers have not been disclosed until now. Ticketek announced in late May that the breach occurred on an unnamed third-party cloud platform.
There were earlier reports that the stolen data was offered for sale on the internet for $30,000. TechCrunch reported evidence suggesting that the data may have been stolen from the cloud platform Snowflake.
Earlier this month, Stack Diary reported that ShinyHunters claimed unauthorized access to 560 million user records in the Ticketmaster breach, initially linked to Snowflake. However, Snowflake, CrowdStrike, and Mandiant issued a joint statement clarifying that the breach was due to weak protection of customer administrator accounts, not a vulnerability in Snowflake’s platform.
The 17.6 million compromised Ticketek email addresses have been added to the Have I Been Pwned database, allowing individuals to check if their email addresses have been involved in any known data breaches. Notably, 72 percent of the leaked Ticketek email addresses had already been identified in previous breaches listed on Have I Been Pwned.
