Ticketmaster silent on data hack claims as authorities investigate any Australian breach
A cyber criminal organisation says it stole 560 million Ticketmaster customer records but Australians are in the dark as authorities chase up the claims. Here’s the latest.
A cyber criminal organisation has claimed to have hacked one of the world’s most popular online ticket sales companies, illegally acquiring the personal data of hundreds of millions of customers worldwide.
The group, known as ShinyHunters, say they were able to breach Ticketmaster’s systems and collect 1.3 terabytes of customer data.
Here’s what we know.
What is ShinyHunters?
ShinyHunters first gained notoriety in 2020 when the group claimed to have breached 13 companies over a two-week period, acquiring some 200 million stolen records.
The group also claims to be behind Breach Forums, a notorious platform on the dark web which was frequented by criminals to buy, sell and trade stolen data.
The FBI claimed to have shut down the forum just weeks ago but recent reports indicate it has since reopened.
Who are behind ShinyHunters?
In January this year, 22-year-old French national Sebastien Raoult, known as “Sezyo Kaizen”, was sentenced to three years prison in the US and ordered to pay $5m for conspiracy to commit wire fraud.
The US court identified Raoult, who was arrested in Morocco in 2022 and extradited to the US the following year, as having some link to ShinyHunters as an online identity using that acronym often went on to sell stolen data Raoult was associated with.
Mr Raoult was found to have stolen data and cryptocurrency and sold both alongside hacking tools to other criminals.
What data has been hacked?
In a post by ShinyHunters on the dark web, hackers are claiming to have collected the personal identifiable information including customers names, addresses, email address and phone numbers of 560 million global customers.
They have also claimed to have acquired the payment details of customers including credit card numbers and their expiration date.
What has Ticketmaster said about the reports?
Ticketmaster is yet to speak publicly on the matter leaving its hundreds of millions of customers in the dark on whether a breach has in fact taken place.
The Department of Home Affairs however has confirmed it is aware of the claims and has begun working with Live Nation to investigate if a breach a has taken place and the full impact.
“The Australian Government is aware of a cyber incident impacting Ticketmaster. The National Office of Cyber Security is engaging with Ticketmaster to understand the incident,” a spokeswoman told The Australian.
It urged people with “specific inquiries” to contact Ticketmaster directly.
Who owns Ticketmaster?
Ticketmaster is owned and operated by NASDAQ-listed Live Nation, a digital entertainment companies that employs over 44,000 people. Each year it sells around 500 million tickets from over 30,000 shows and over 100 festivals.
In Australia, Live Nation employs a little over 100 people, according to corporate social media platform LinkedIn.
What’s the US case against Live Nation?
Recently, the US Department of Justice filed an antitrust lawsuit to break up an alleged monopoly in the live music industry between concert promoter Live Nation Entertainment and Ticketmaster.
The lawsuit claimed Live Nation abused its dominant market position to raise ticket fees, squeeze out competitors and limit choices for fans, venues and artists. US Attorney-General Merrick Garland said Live Nation relied on unlawful, anticompetitive conduct to exercise its monopolistic control over the live events industry in the US at the cost of fans, artists, smaller promoters and venue operators.
What are experts saying?
Without Ticketmaster formerly acknowledging a breach has taken place, director of threat research at Sophos Christopher Budd said it’s too early to fully weigh in on the matter.
“Right now, since we only have the attackers’ words to go on, it’s too early to make any firm statements about whether there was a breach and what, if any, data was stolen,” he said.
“While there allegedly are new data in the dump, there is also older info, meaning it could be a series of concatenated data. Regardless of whether the breach is legitimate, the attackers have been successful in drawing attention to a criminal forum that was recently taken down.”
ShinyHunters has been reported to be the owner of Breach Forums which was previously shut down by the FBI. The dark web forum was used by the Optus hacker to publish some of the company’s customer data.
More Coverage
Start-up seeks funds for sub-aqua cleaner that doubles as a spy
Meet the Aussie diver seeking $15m to scale the underwater cleaning drone business that’s proven to save ships fuel, can map reefs and double as a spy.
CBA leaps forward in banks’ AI race
The nation’s largest bank has just leapfrogged its big four competitors as it implemented some of the most powerful AI tools in the region.