Replace: Ticketmaster assertion added beneath.
Hackers have leaked what they declare is Ticketmaster barcode information for 166,000 Taylor Swift Eras Tour tickets, warning that extra occasions could be leaked if a $2 million extortion demand just isn’t paid.
In Might, a well known risk actor named ShinyHunters started promoting information on 560 million Ticketmaster clients for $500,000.
Ticketmaster later confirmed the information breach, which they finally acknowledged was from their account on Snowflake, a cloud-based information warehousing firm utilized by the enterprise to retailer databases, course of information, and carry out analytics.
In April, risk actors started downloading Snowflake databases of not less than 165 organizations utilizing credentials stolen by information-stealing malware.
The risk actors then blackmailed the businesses, demanding fee to forestall the information from being leaked or offered to different risk actors. Corporations confirmed to have had information stolen from their Snowflake accounts embrace Neiman Marcus, Los Angeles Unified College District, Advance Auto Elements, Pure Storage, and Satander.
Taylor Swift tickets leaked
At the moment, a risk actor often known as Sp1d3rHunters has leaked what they declare is the ticket information for 166,000 Taylor Swift Eras Tour barcodes used to achieve entry on varied live performance dates.
Sp1d3rHunters, beforehand named Sp1d3r, is the risk actor behind the sale of information stolen from Snowflake accounts, publicly extorting the assorted firms for funds.
“Pay us $2million USD or we leak all 680M of your customers data and 30million extra occasion barcodes together with: extra Taylor Swift occasions, P!nk, Sting, Sporting occasions F1 System Racing, MLB, NFL and 1000’s extra occasions,” reads the extortion demand first shared by risk intel service HackManac.
Supply: BleepingComputer
The publish claims the barcode information is for upcoming Taylor Swift live shows in Miami, New Orleans, and Indianapolis.
The publish features a small pattern of the alleged barcode information, which accommodates the worth used to create a scannable barcode, seat data, the face worth of tickets, and different data. The risk actor additional shared particulars on methods to flip this information right into a scannable barcode.
Whereas the barcode information was not a part of the preliminary leak of stolen Ticketmaster information samples launched by the risk actors in Might, a few of the newly leaked information may be discovered within the older leaks, together with the hashed bank card and gross sales order data for the tickets.
The group behind these assaults is ShinyHunters, which has been liable for many information breaches over time. These embrace leaking the information for 386 million person information from 18 firms in 2020, an AT&T breach impacting 70 million clients, and, most not too long ago, the leaking of 33 million telephone numbers used with the Authy multi-factor authentication app.
Replace 7/5/24 3:44 PM ET: Ticketmaster instructed BleepingComputer that distinctive barcodes are up to date each few seconds, so the stolen tickets can’t be used.
“Ticketmaster’s SafeTix know-how protects tickets by robotically refreshing a brand new and distinctive barcode each few seconds so it can’t be stolen or copied,” Ticketmaster instructed BleepingComputer.
“This is only one of many fraud protections we implement to maintain tickets protected and safe.”
Ticketmaster additionally confirmed that they didn’t interact in any ransom negotiations with the risk actors, disputing ShinyHunter’s claims that they have been provided $1 million to delete the information.