Ticketmaster hit in major hack

Ticketmaster’s parent company, Live Nation, has confirmed a breach of its systems after a hacking group claimed to have stolen the private information of 560 million customers, BBC reports.

It isn’t yet clear whether any South African customers are affected by the data breach. MyBroadband asked Ticketmaster for comment but it hadn’t responded by the time of publication.

Hacking group ShinyHunters claimed responsibility for the attack. It says it stole names, addresses, phone numbers and partial credit card details from Ticketmaster customers globally.

It is reportedly demanding $500,000 (R9.3 million) to prevent it from selling the data to other parties.

Live Nation applied with the US Securities and Exchange Commission. It said it is investigating after a threat actor offered what it claimed to be company user data for sale on the dark web.

The hackers posted an advert for the data on the dark web on Wednesday, 29 May 2024.

According to a Wired report, the attack could be one of the biggest data breaches of the year.

This is because Ticketmaster wasn’t attacked directly. The attackers targeted data held on the servers of American cloud computing company Snowflake, which many large firms use to store and monetise their data.

Therefore, other companies will likely soon reveal that their data was also stolen.

Snowflake’s chief information security officer, Brad Jones, said the company was investigating an increase in cybercriminal activity targeting its customers’ accounts.

He said attackers had targeted only a “limited number” of accounts. However, they obtained login credentials to the company’s systems.

Snowflake also found that an unauthorised party had accessed a former staff member’s “demo” account.

However, the company said it doesn’t believe it was the source of any leaked customer credentials.

“We have no evidence suggesting this activity was caused by any vulnerability, misconfiguration, or breach of Snowflake’s product,” said Jones.

However, security researcher and HaveIBeenPwned founder Troy Hunt disagreed. Wired quoted Hunt as saying that Snowflake suffered an egregiously bad security compromise.

“It being a provider to many other different parties, it has sort of bubbled up to different data breaches in different locations,” he added.

Banking firm Santander has also confirmed that it was the victim of a data breach that affected millions of customers and staff.

Its data was also advertised by the ShinyHunters group.

South African reach

MyBroadband asked Ticketmaster if any South African customers’ private information was affected by the data breach, but it had not responded by the time of publication.

Ticketmaster is widely used in South Africa for a wide range of events, including big rugby games, concerts, and performances.

Most recently, it announced that it will use a ticket ballot system to ensure that rugby fans in South Africa get equal opportunity to buy tickets for the Springboks’ clash with New Zealand in Cape Town on 7 September 2024.

It says the move will ensure a fair process and reduce secondary sales (scalping), ticket fraud, and counterfeited tickets.

“A ticket ballot is used by many sporting bodies across the world and is the fairest way of giving people a chance to purchase tickets,” said Ticketmaster

“This system will also reduce the number of frustrated customers stuck in the queue for what will be a high-demand event.”

Those wanting to buy tickets for the match can register their interest until 9 June. However, Ticketmaster says registration will only grant entry to the ballot; it doesn’t automatically secure tickets.

Instead, those who registered will earn a place in the draw.

“Successful applicants randomly selected from the draw will be invited to purchase up to four tickets per customer on a first-come, first-served basis,” says Ticketmaster.