Hackers are trying to extort Ticketmaster by leaking data that can allegedly replicate real ticket codes for Taylor Swift concerts. But the company dismisses the threat and says customer ticketing data is safe.
The hacking claims come from ShinyHunters, which initially boasted about stealing data from Ticketmaster back in May. On Thursday, the group posted in a hacking forum about allegedly stealing 440,000 tickets to attend upcoming Taylor Swift concerts.
ShinyHunters posted the claim to pressure Ticketmaster to pay $8 million while claiming the company was previously negotiating to pay $1 million. Since then, a second, possibly related hacking group called “Sp1d3rHunters” has taken things a step further and posted 170,000 barcodes that can allegedly be used to reproduce actual tickets for several Taylor Swift concerts in the US.
“Pay us $2 million USD or we leak all 680M of your users information and 30 million more event barcodes,” Sp1d3rHunters added in their post.
(Credit: BreachForums)A sample of the leaked data does appear to show barcode data for Taylor Swift concert events in Miami, New Orleans, and Indianapolis, along with the seat number and the value price. As a result, the leaks are raising fears that actual ticketholders could lose their seats to imposters who exploit the posted data.
But in a statement, Ticketmaster said no customers are at risk of losing their tickets. “Ticketmaster’s SafeTix technology protects tickets by automatically refreshing a new and unique barcode every few seconds so it cannot be stolen or copied. This is just one of many fraud protections we implement to keep tickets safe and secure,” the company tells PCMag.
Ticketmaster also denied offering to pay ShinyHunters $1 million. “Some outlets are inaccurately reporting about a ransom offer. We were never engaged for a ransom and did not offer them money,” the company adds.
Ticketmaster was hacked in April through a third-party cloud provider. However, according to the company’s investigation, the hackers only stole customer names, email addresses, phone numbers, encrypted payment card information, and other personal information. User accounts were never directly breached.
So it’s possible ShinyHunters and Sp1d3rHunters are exaggerating their hacking claims to pressure the company to pay up. Still, the initial breach likely ensnared numerous users, who now have to worry about their data falling into the hands of cybercriminals. Ticketmaster hasn’t said how many users are affected; it’s only confirmed that customers across the US, Canada, and Mexico are impacted.