Ticketmaster has notified its North American consumers to take quick action in response to a significant cybersecurity incident that occurred after a huge attack in May. Customers in Canada received emails over night advising them to be vigilant and take precautions against fraud and identity theft. It has been alleged that victims in the US and Mexico have received similar alerts.
Affected Customers: 560 Million
Cybercriminals attempted to resell the personal information they had acquired online as a result of the breach, which affected 560 million Ticketmaster customers worldwide. The hackers themselves released the first information about the hack, and Ticketmaster then notified its stockholders. Names, basic contact information, and encrypted credit card information are among the stolen data. Ticketmaster hasn’t disclosed the encryption’s level of security, though.
Quick Action for Clients
Customers are advised in Ticketmaster’s email to keep an eye out for any odd behavior on their bank statements and online accounts. For a whole year, the business is offering free identity monitoring services to consumers in Canada. Customers will receive alerts from this service if any personally identifiable information is found on the dark web.
Additionally, customers are cautioned not to trust communications that seem to be from Ticketmaster because data breaches frequently result in follow-up hacking or fraudulent attempts.
ShinyHunters are the hackers
The incident was attributed to the hacking organization ShinyHunters, who on May 28 posted an advertisement on a hacking site offering 560 million users’ data for $500,000. Through the theft of login credentials from Snowflake, the business that Ticketmaster employs for cloud storage, the hackers were able to get data from Ticketmaster. Over 160 other Snowflake clients were also impacted by this hack, including the banking company Santander, whose 30 million customers’ data in Chile, Spain, and Uruguay was exposed.
Official Reaction and Investigation
Snowflake was not compromised, according to cybersecurity firm Mandiant, which looked into the attacks. Rather, the hackers obtained login credentials straight from every customer organization.
In a notice to shareholders submitted with the US Securities and Exchange Commission, Live Nation, the parent company of Ticketmaster, confirmed the hack and acknowledged “unauthorized activity” while assuring that it would not have a significant effect on the company’s operations. Journalists have asked for feedback on several occasions, but Ticketmaster has not replied.
What Ticketmaster customers should do next is as follows:
- Check your internet and bank account statements for any unusual activity.
- Enroll in Ticketmaster’s identity monitoring services.
- Watch out for shady emails purporting to be from Ticketmaster.