Ticketmaster data breach: User info sold on the dark web
Entertainment conglomerate Live Nation has confirmed a data breach within its subsidiary, Ticketmaster. The breach occurred on 20th May and involved cybercriminals offering user data for sale on the dark web.
As TechCrunch reported, Live Nation disclosed the incident to regulatory authorities more than a week after it occurred.
Incident details
Live Nation detected unauthorized activity in a database managed by an external cloud provider, although the provider's name was not disclosed. In response to TechCrunch inquiries, a Ticketmaster spokesperson confirmed that Snowflake, a company specializing in data storage and analysis, hosted the database on servers.
Response from Ticketmaster and Live Nation
Snowflake stated that the attacks might have affected a limited number of customers but did not provide specific details. Snowflake spokesperson Danica Stanczak declined to comment on the Ticketmaster incident. Similarly, Live Nation and Ticketmaster representatives have not publicly commented on the details of the breach.
Information provided on the Ticketmaster website indicates that Live Nation Entertainment is a global leader in live entertainment. It consists of five companies operating in concert promotion, event venue management, sponsorship, ticket distribution, e-commerce, and artist management.
Data sale on forum
The administrator of the popular cybercriminal forum BreachForums claims to possess data on 560 million customers, including information on Ticketmaster users such as ticket sales and payment card data. TechCrunch obtained some of this data, which was found authentic after email address verification.
In May, the Department of Justice and 30 state attorneys general filed a lawsuit against Live Nation, accusing the company of monopolistic practices.
