You have most likely seen this in the news, but I wanted to wait until things were confirmed before writing a post about it. Yes, it does seem true that Ticketmaster has been breached. So if you have ever used the Ticketmaster platform to buy event tickets, it’s highly likely that your data has been compromised.

News about the breach first appeared online earlier this week when someone using the ShinyHunters account advertised the sale of 1.3TB of data from Ticketmaster on a dark web forum.

At the moment, Ticketmaster has not confirmed the breach. However, members of the X.com account @vxunderground have been in contact with the individuals selling the data, and have confirmed that the sample of data they have been sent does appear to be legitimate.

In their post, vx-underground state that ShinyHunters is not the group who compromised Ticketmaster, but that they are acting as a proxy for the threat actors who did. They state that the threat actors managed to gain access to a Managed Service Provider used by Ticketmaster sometime in April, and it is from there that they managed to access the customer database.

The vx-underground post shows some of the data, and they state that they have found records stretching as far back as the mid-2000s, and as recent as March this year.

The data stolen includes:

  • Full names & addresses
  • Email addresses
  • Telephone numbers
  • Hashed credit card numbers
  • Credit card type & authentication type
  • All transactions for the account

The data dump reportedly contains data on over 560 million global users of the Ticketmaster platform.

Who are ShinyHunters?

Named after the shiny cards in the Pokemon franchise, the group of hackers are believed to have formed in 2020 and within a short space of time managed to compromise many large organisations around the world.

Some of the notable attacks undertaken by ShinyHunters include:

  • 2021
    • AT&T Wireless: ShinyHunters began selling information on 70 million AT&T wireless subscribers, which contained users’ phone numbers, personal information and social security numbers.
    • Pixlr: ShinyHunters leaked 1.9 million user records from Pixlr, the AI photo editing app
    • Bonobos: ShinyHunters leaked the full backup cloud database of men’s clothing store Bonobos to a hacker forum. The database contained addresses, phone numbers, and order details for 7 million customers; general account information for another 1.8 million registered customers; and 3.5 million partial credit card records and hashed passwords.
  • 2020
    • Tokopedia: Tokopedia, an Indonesian e-commerce platform, was breached by ShinyHunters, who claimed to have data for 91 million user accounts, including gender, location, username, full name, email address, phone number, and hashed passwords.
    • Wishbone: ShinyHunters leaked the full user database of Wishbone – a highly popular comparison app. The database contained usernames, emails, phone numbers, city/state/country of residence, and hashed passwords.
    • Microsoft: ShinyHunters claimed to have stolen over 500 GB of Microsoft source code from the company’s private GitHub account. The group published approx. 1GB of data to a hacking forum. Some cybersecurity experts doubted the claims until analyzing the code; upon analysis, ShinyHunters’ claims were no longer in question. Microsoft told Wired in a statement that they are aware of the breach. Microsoft later secured their GitHub account, which was confirmed by ShinyHunters as they reported being unable to access any repositories
    • Wattpad: ShinyHunters gained access to the database for the social media writers platform – Wattpad. The database contained 270 million user records. Information leaked included usernames, real names, hashed passwords, email addresses, geographic location, gender, and date of birth.
    • Pluto TV: ShinyHunters gained access to the personal data of 3.2 million Pluto TV users. The hacked data included users’ display names, email addresses, IP addresses, hashed passwords and dates of birth.
    • Animal Jam: ShinyHunters attacked the online kids game – Animal Jam, leading to the exposure of 46 million accounts.
    • Mashable: ShinyHunters leaked 5.22GB worth of data from the Mashable database. Mashable is a digital news and entertainment website.