The ShinyHunters hacker group claims the Ticketmaster breach is far bigger than previously anticipated, stealing 193 million barcodes, including 440,000 Taylor Swift tickets. Valued at $22 billion, they now demand $8 million from LiveNation!
In May 2024, the notorious hacker group ShinyHunters breached Ticketmaster – LiveNation, as we know it. However, the hackers have now released new details about the extent of their breach. These details have been published on the infamous cybercrime and hacker platform Breach Forums titled “Ticketmaster event barcodes ‘Taylor Swift’ pt 1/65000.”
The Breach Unveiled
ShinyHunters marked the Fourth of July with a disturbing announcement: they claim to have stolen 440,000 tickets for Taylor Swift’s Eras Tour. In a symbolic twist, they suggest that instead of Swift performing on her tour, she will be “performing in front of Congress,” indicating this breach’s severity and public exposure.
The Staggering Numbers
The hackers provide an extensive breakdown of their hack:
- Total Exfiltrated Barcodes: 193 million
- Total Value of Stolen Tickets (TKT_FACE_VAL_AMT): $22,695,713,141.00 USD
A Shift in Negotiations
According to ShinyHunters, the hackers initially accepted a rushed $1 million offer from LiveNation to keep the breach under wraps. However, realizing the true value of the data they possess, they have escalated their demand to $8 million. They justify this increase by pointing out that they have found ways to make the breach more costly and complicated for the affected company.
Expanded Scope
In addition to the Taylor Swift tickets, ShinyHunters claims to have:
- 30 million tickets for 65,000 events: Similar to the Swift tickets, valued at $4,665,615,212.00 USD
Data at Risk
The hackers have detailed the extensive nature of the stolen data, which includes:
- 980 million sales orders
- 680 million orders detail
- 1.2 billion party lookup records
- 440 million unique email addresses
- 4 million uncased and deduped records
- 560 million AVS (Address Verification System) detail records
- 400 million encrypted credit card details with partial information
They boast that this breach is the largest publicly disclosed non-scrape breach of customer Personally Identifiable Information (PII) to date.
UPDATE July 5, 2024
A Breach Forum user using the alias “Sp1d3rHunters,” believed to be part of the ShinyHunters group (though this remains unconfirmed), has published another listing claiming to have leaked 170,000 Taylor Swift ERAS Tour event barcodes. Sp1d3rHunters is demanding a $2 million ransom for this data.
The leak, as per the hacker, includes ticketing data for events in Miami, New Orleans, and Indianapolis. Here’s the breakdown:
- Taylor Swift – October 18, 2024, Miami – 20,000 tickets
- Taylor Swift – October 19, 2024, Miami – 20,000 tickets
- Taylor Swift – October 20, 2024, Miami – 23,000 tickets
- Taylor Swift – October 26, 2024, New Orleans – 16,000 tickets
- Taylor Swift – October 27, 2024, New Orleans – 16,000 tickets
- Taylor Swift – October 28, 2024, New Orleans – 18k tickets
- Taylor Swift – November 01, 2024, Indianapolis – 18,000 tickets
- Taylor Swift – November 02, 2024, Indianapolis – 17,000 tickets
- Taylor Swift – November 03, 2024, Indianapolis – 18,000 tickets
Ticketmaster Breached by 2 Parties?
It is worth noting that Sp1d3rHunters is the same hacker who, on June 20, 2024, leaked 1 million Ticketmaster user records from the original 650 million records initially stolen by the threat actors.
If Sp1d3rHunters is indeed part of the ShinyHunters group, it is unclear why the group is making two separate ransom demands, with one member asking for $2 million and another seeking $8 million.
In the worst-case scenario, Ticketmaster was breached by two different groups, and now its data is being held for ransom by two separate parties, or is it a case of hackers getting greedy, and trying to make as much money as possible from one breach?
Implications for Ticketmaster and Customers
This breach could have severe implications for Ticketmaster and its customers:
- Financial Loss: The face value of the stolen tickets alone amounts to billions of dollars. Additionally, the potential costs of managing the breach, compensating affected customers, and potential fines could be astronomical.
- Reputation Damage: Such a high-profile breach can severely damage Ticketmaster’s reputation, leading to loss of customer trust and future business.
- Customer Impact: The stolen data includes highly sensitive information, such as encrypted credit card details and personal email addresses, putting millions of customers at risk of identity theft and financial fraud.
- Increased Security Measures: This breach underscores the need for enhanced security measures within the company to prevent future incidents.
The ShinyHunters’ breach of Ticketmaster goes on to show the cybersecurity threat posed by cybercriminals. Although Ticketmaster previously acknowledged the breach, as the situation develops, it will be necessary for Ticketmaster to address the breach transparently, enhance its security protocols, and work towards restoring customer trust. Meanwhile, customers should remain alert and monitor their accounts for any suspicious activity.
For more updates on this developing story, stay tuned!