May 31, 2024 at 05:48AM
A hacking group announced the theft of data from 560 million Ticketmaster users on a new BreachForums site. This is the third BreachForums iteration following legal interventions. The group is selling the data for $500,000, containing sensitive user information going back to 2011. Ticketmaster and the Australian government are investigating. Potential legal consequences for Ticketmaster and users are looming.
From the meeting notes, the following key takeaways can be generated:
1. A notorious hacking group, ShinyHunters, claimed the theft of data belonging to 560 million Ticketmaster users on the newly created version of the BreachForums cybercrime marketplace.
2. This marks the third iteration of BreachForums, with the original version being shut down after the unmasking and charging of its administrator.
3. The second version of BreachForums was disrupted in mid-May 2024, and the recent development is the emergence of a new site following law enforcement agencies’ seizure of BreachForums in multiple countries.
4. ShinyHunters claims to possess 1.3 terabytes of data stolen from Ticketmaster and is asking $500,000 for the data, which includes sensitive information such as names, addresses, email addresses, phone numbers, partial credit card details, and financial transactions information.
5. Threat intelligence group Vx-Underground has analyzed a sample of the allegedly stolen data and found it to be authentic, with entries dating back to 2011, including some from the mid-2000s.
6. Vx-Underground, however, believes ShinyHunters is not the actual hacker responsible for the Ticketmaster data breach, but rather acting as a proxy.
7. It is suspected that the Ticketmaster data was likely stolen from AWS instances after hackers compromised a managed services provider.
8. Ticketmaster, owned by Live Nation Entertainment and based in California, has not confirmed the data breach but is already facing a class action lawsuit, with the Australian government also probing the hackers’ claims.
9. Some experts suggest that the newly launched BreachForums domain could be a honeypot site set up by law enforcement.
These takeaways highlight the severity of the Ticketmaster data breach, provide insights into potential consequences for both the company and its users, and raise questions about the nature of the newly launched BreachForums domain.