Ticketmaster Left Red-Faced as Hackers Swipe Personal Data of 560 Million Users, Demand $500K Ransom

A group of hackers has reportedly stolen the personal details of 560 million Ticketmaster customers . The group ShinyHunters claimed responsibility for the hack on the dark web. ShinyHunters are now demanding a ransom of $500,000 (£400,000) to prevent the data from being sold to other parties, as per BBC . Ticketmaster, which is owned by Live Nation, is yet to comment on the attack. Meanwhile, experts have warned that sensitive information of users is at risk of being sold on the dark web.

The scale of the hack

According to Hackread.com , the group claimed to have listed 1.3 terabytes' worth of Live Nation-owned Ticketmaster customer data for a one-time price of $500,000 on its cybercrime-linked platform, Breach Forums. As per the listing, the stolen data includes names, phone numbers, addresses, partial credit card details, and more Ticketmaster users from across the globe.

The Australian government has acknowledged the hack and said it is working with Ticketmaster to address the issue. A spokesperson of the FBI has confirmed that the agency has also offered to assist with the investigation.

Who are ShinyHunters?

The criminal group of ShinyHunters became notorious in 2020-2021. It rose to global attention when it exposed huge troves of customer records from over 60 companies, according to the U.S. Justice Department . The group uses the avatar of the "shiny" blue Umbreon Pokémon and derives its name from it. It operates like a player of the Pokémon game and has the mission to “Catch ‘em all.” However, instead of catching Pokémon, these cybercriminals steal as much data as possible and then sell it on the black market.

The international syndicate has allegedly been behind some of the most notable, high-profile breaches in recent years. As per Cyberdaily.au , ShinyHunters has so far breached and released the data of customers from Microsoft, AT&T, Home Chef, and other major companies.

In the case of Ticketmaster, ShinyHunters promoted the sale of the data on their own platform Breach Forum. The dark web platform was previously seized and taken down by the FBI. Not just the forum but a member of the group was also arrested and jailed in January 2024. Sebastien Raoult, a French computer hacker who was a member of ShinyHunters, was sentenced to three years in prison and ordered to pay over $5 million in restitution after he pleaded guilty.

At the time, prosecutors said that the extensive hacking operation of Raoult and his group caused millions of dollars in losses to companies and hundreds of millions of people whose data was sold to other criminals.

Mounting woes for Live Nation

This is not the first time Ticketmaster by Live Nation has been hit with cyber fraud. In November last year, the company allegedly suffered a cyber attack that caused problems in selling tickets for Taylor Swift's Eras tour .

In 2020, Ticketmaster was the perpetrator of a hack as it was fined $10 million for hacking into one of its competitor’s systems.

A day after the recent hack, Live Nation was hit with a class action lawsuit by customers alleging data breach, Bloomberg Law reported. Furthermore, last week, the U.S. Justice Department and 30 state attorney generals also filed a civil antitrust lawsuit against the company for monopolistic conduct in the live entertainment industry.