Ticketmaster has confirmed that hackers who executed last month’s breach stole email addresses, phone numbers, and encrypted payment card information from users in the US, Canada, and Mexico. Nearly a month after the hacking group ShinyHunters claimed to have stolen 1.3TB of data from Ticketmaster, including information on 560 million users, the company is now sending data breach notifications to affected customers.

The Scope of the Breach

A notification sent to the Maine Attorney General indicates that the breach affected “more than 1,000” individuals, making the full extent of the hack unclear. However, emails to customers suggest that the breach impacted those who used Ticketmaster in the US, Canada, and Mexico. Ticketmaster has stated:

“We are in the process of notifying relevant customers by either email or first-class mail. If you are not contacted, we do not believe your sensitive information was involved.”

Stolen Data Details

Other stolen data includes “encrypted credit card information as well as some other personal information provided to us,” Ticketmaster said. This implies that the hackers only obtained the last four numbers and expiration dates of credit and debit cards. In May, the ShinyHunters group tried to sell the stolen information for $500,000.

Cause of the Breach

Ticketmaster blames the breach on hackers accessing an “isolated cloud database hosted by a third-party data services provider.” Although Ticketmaster did not name the cloud provider, evidence suggests the cybercriminals targeted Snowflake, which offers data storage solutions for hundreds of major companies. Security researchers from Google’s Mandiant arm reported that a hacking group dubbed “UNC5537” exploited poor password security to target as many as 165 organizations using Snowflake.

Customer Support and Response

Ticketmaster will offer affected users 12 months of free credit monitoring. Despite the breach, the company assures that “Ticketmaster accounts were not affected,” meaning users do not necessarily need to update their passwords. Ticketmaster did not immediately respond to a request for comment.

Protecting Your Information

Given the breach’s nature and the sensitive data involved, it is advisable for affected customers to monitor their accounts for any unusual activity and take advantage of the offered credit monitoring service. Even if Ticketmaster accounts were not directly affected, staying vigilant and proactive about personal data security is crucial.

In conclusion, the Ticketmaster breach highlights the ongoing challenges companies face in protecting user data from increasingly sophisticated cyber threats. As more details emerge, affected customers should stay informed and take necessary precautions to safeguard their information.

PTSI Editorial Team

Support Line: Phone: +1 646-535-HELP (4357) Email: helpdesk@progressny.com Support web: helpdesk.progressny.com