This is a work in progress. While we strive for accuracy, some breach details may be incomplete or pending verification.

Ticketmaster Australia

Summary

Ticketmaster, operated globally by Live Nation Entertainment, suffered a massive data breach affecting 560 million customers worldwide, including over 5 million Australian and New Zealand account holders. The hacking group ShinyHunters claimed to have stolen 1.3 terabytes of data and offered it for sale on the dark web for $500,000 USD.

What Happened

On 20 May 2024, Live Nation identified "unauthorized activity" within a third-party cloud database environment. The breach was publicly disclosed on 28 May 2024 when ShinyHunters posted the stolen data for sale on dark web forums.

The attackers gained access to Ticketmaster's cloud storage systems and exfiltrated a massive dataset containing customer information from multiple countries, including a significant number of Australian customers.

Impact on Individuals

According to the hackers' claims, the stolen data included:

  • Full names and addresses
  • Email addresses and phone numbers
  • Dates of birth
  • Credit card details (partial numbers and expiry dates)
  • Order histories and ticket purchase information

Ticketmaster initially stated that payment information was not affected, but ShinyHunters' claims contradicted this. The Australian Department of Home Affairs worked with Ticketmaster to understand the full extent of the impact on Australian customers.

The breach creates significant risks for:

  • Financial fraud using exposed credit card information
  • Identity theft using the combination of personal details
  • Targeted phishing campaigns mimicking Ticketmaster communications
  • Account takeover for future ticket purchases

Organisational Response

Live Nation reported the incident to law enforcement and engaged external cybersecurity experts to investigate. The company began working with regulators globally, including Australian authorities, to assess the impact and notify affected customers.

The incident highlighted vulnerabilities in third-party cloud storage systems and raised questions about the security practices of major entertainment platforms handling sensitive customer data at scale.

[extra.impact] affected_individuals = 5000000 individuals_note = "" data_volume_gb = 1300 record_count = 0 financial_cost_total = 0 ransom_demanded = 0 ransom_paid = 0 estimated_remediation = 0 downtime_hours = 0 downtime_note = "" +++

Verification Source: View original statement