Three days after initial reports that a notorious hacking group had stolen info on more than 500 million Ticketmaster customers — and was attempting to sell the data online — parent company Live Nation Entertainment confirmed the breach in a regulatory filing late Friday.
On May 20, 2024, Live Nation “identified unauthorized activity within a third-party cloud database environment containing company data (primarily from its Ticketmaster L.L.C. subsidiary) and launched an investigation with industry-leading forensic investigators to understand what happened,” the company said in the May 31 SEC filing.
On May 27, 2024, a “criminal threat actor” offered what it alleged to be Ticketmaster user data “for sale via the dark web,” according to Live Nation’s disclosure.
Currently, Live Nation said, it does not believe the incident has had “a material impact on our overall business operations or on our financial condition or results of operations” — nor does it think the hack is “reasonably likely” to have a material impact going forward. “We continue to evaluate the risks and our remediation efforts are ongoing,” the company said.
A hacking group called ShinyHunters has claimed responsibility for stealing Ticketmaster data on 560 million customers. The 1.3-terabyte trove allegedly includes personal information on Ticketmaster users such as names, credit card numbers, emails, home addresses and phone numbers. The hackers offered to sell the stolen Ticketmaster data for $500,000, as first reported by websites Hackread and Australia’s CyberDaily.
The hack does not appear to have included passwords for Ticketmaster accounts but users should change their passwords as a precaution, according to Emsisoft cybersecurity analyst Brett Callow (via the New York Times).
“We are working to mitigate risk to our users and the company, and have notified and are cooperating with law enforcement,” Live Nation said in the filing. “As appropriate, we are also notifying regulatory authorities and users with respect to unauthorized access to personal information.”
Ticketmaster and Live Nation have not responded to Variety‘s requests for comment about the hacking incident.
According to the Justice Department, the ShinyHunters hacking group posted sales of hacked data from more than 60 companies between April 2020 and July 2021. Sometimes ShinyHunters threatened “to leak or sell stolen sensitive files if the victim did not pay a ransom,” per the DOJ. In January 2024, a federal court in Seattle sentenced a 22-year-old French citizen — who was allegedly affiliated with ShinyHunters — to three years in prison and ordered to pay more than $5 million in restitution for conspiracy to commit wire fraud and aggravated identity theft, the Justice Department said.
The confirmation of the Ticketmaster data-security breach comes a little over a week after the Justice Department sued Live Nation on antitrust grounds on May 23, seeking to break up the company. The U.S. government’s lawsuit alleged Live Nation and Ticketmaster illegally have used monopoly power to dominate the ticketing business and quash competition. In addition to Ticketmaster, Live Nation owns or controls more than 265 concert venues in North America, including more than 60 of the top 100 amphitheaters in the U.S.