The ShinyHunters hacking group has stolen 1.3 TB of data from Ticketmaster and is selling this database for $500,000.
What happened?
Ticketmaster has experienced a significant data breach, exposing sensitive data from 560 million users. The hacking group ShinyHunters is behind the breach, having published a 1.3TB database on the newly reopened BreachForums, a notorious criminal site. The leaked database includes extensive personal information such as names, postal addresses, email addresses, phone numbers, ticket sales, event details, order information, and partial payment card data.
ShinyHunters is offering the database for sale at $500,000 after an unsuccessful extortion attempt with Ticketmaster-Live Nation. This breach coincides with the relaunch of BreachForums, which had been previously shut down by the FBI. The timing suggests that ShinyHunters might be using this leak as a publicity stunt to draw attention to the forum's relaunch.
See also: HIPAA Compliant Email: The Definitive Guide
Going deeper
ShinyHunters is a notorious hacking group that first emerged in 2020. They have been involved in numerous cybercrimes, primarily focusing on data theft and extortion. The group is responsible for breaching over 60 companies, including well-known firms such as Bonobos, Pixlr, and Microsoft's GitHub account. Their attacks typically involve creating phishing pages that mimic legitimate login portals to steal employee credentials. These credentials are then used to infiltrate company networks and exfiltrate sensitive data, which they hold for ransom or sell on the dark web if their demands are not met.
Learn more:
What was said?
According to HackRead, if the breach is confirmed, it “could have severe implications for the affected users, leading to potential identity theft, financial fraud, and further cyber attacks.” ShinyHunters, in an interview with Hackread.com, disclosed that they had tried to contact Ticketmaster about the breach but had not received a reply. Hackread.com extended a request for comment to Ticketmaster, but nothing has been said from their end.
In the news: Refusal to pay is the newest strategy to combat ransom attacks
Why it matters
The Ticketmaster data breach has affected 560 million users, a massive number of victims whose personal information is now at risk. The potential consequences of this breach could be severe, as the exposed data can lead to identity theft, causing financial loss and personal distress for affected individuals. Additionally, with detailed personal information in hand, attackers can craft convincing phishing emails to further exploit victims. For Ticketmaster, the breach could result in substantial financial losses due to legal consequences, regulatory fines, and the need to compensate affected users. Furthermore, the incident damages the company’s reputation, potentially leading to a loss of customers and long-term harm to the brand.
See also: Your cybersecurity strategy is probably lacking
FAQs
What is a data breach?
A data breach is an incident where sensitive, protected, or confidential information is accessed or disclosed without authorization. This can occur due to various factors, including cyberattacks, human error, or system vulnerabilities.
How do data breaches occur?
Data breaches can occur through various methods, including malware attacks, phishing scams, social engineering tactics, insider threats, system vulnerabilities, unsecured databases, and third-party breaches
What can organizations do to prevent data breaches?
Organizations can take proactive measures to prevent data breaches by implementing robust cybersecurity practices, such as conducting regular security assessments and audits, patching and updating software promptly, implementing multi-factor authentication, encrypting sensitive data, educating employees about cybersecurity best practices, establishing incident response plans, and ensuring compliance with relevant data protection regulations.
Tshedimoso Makhene
