‘ShinyHunters’ Group Claims Massive Ticketmaster Breach

The group claims to have stolen sensitive data from more than half of a billion Ticketmaster customers. Ticketmaster and its parent company Live Nation have yet to confirm the breach.

Shane Snider, Senior Writer, InformationWeek

May 30, 2024

2 Min Read
Ticket Master Website or web page on a laptop screen or computer monitor
Chris Ridley - Internet Stock via Alamy Stock

A hacking group named ShinyHunters claimed in an online forum that they breached Ticketmaster this week, allegedly stealing data that includes names, addresses, phone numbers, and partial credit card information from 560 million customers worldwide.

The group says it’s selling the 1.3-terabyte trove of data in a “one-time sale” for $500,000. ShinyHunters is well-known to the cybersecurity community with several large breaches under its belt since first appearing in 2020. The Australia Home Affairs Department said Thursday it is investigating.

“The Australian Government is aware of a cyber incident impacting Ticketmaster,” a spokesman for the department said in a statement. “The National Office of Cyber Security is engaging with Ticketmaster to understand the incident.”

The Australian government is the first to announce action, likely because the country has been struck by the group before. Last year, ShinyHunters breached Pizza Hut and stole data from 193,000 Australian customers.

While neither Ticketmaster nor parent company Live Nation have confirmed the breach, new rules by the Security and Exchange Commission require that companies disclose cybersecurity incidents within 4-business days.

In a profile posted on its website, cybersecurity firm SOCRadar said ShinyHunters allegedly also runs one of the most popular hacker forums, BreachForums. “This group, at first glance, might seem like a benign assembly of Pokémon enthusiasts, given their name … Yet, they stand accused of orchestrating data breaches that have consistently found their way onto hacker forums.”

Related:Massive Okta Breach: What CISOs Should Know

Matt Hull, global head of threat intelligence at NCC Group, in an email says the ShinyHunters group has been behind several large-scale breaches, and “despite being relatively fresh on the scene, are responsible for some notable hacks, including Microsoft, AT&T, and now, allegedly, Ticketmaster.” The 2021 AT&T breach compromised information from more than 70 million customers.

Hull says the FBI and international law enforcement has been tracking the group, noting that in 2023, a 21-year-old French national was extradited from Morocco to the US for his alleged role in ShinyHunters’ activities.

The alleged hacking is the latest bad news for Live Nation and Ticketmaster, who are the target of a Department of Justice lawsuit over antitrust claims. Ticketmaster is one of the largest online ticket sales platforms in the world.

InformationWeek contacted both Live Nation and Ticketmaster and will update with any response.

About the Author

Shane Snider

Senior Writer, InformationWeek

Shane Snider is a veteran journalist with more than 20 years of industry experience. He started his career as a general assignment reporter and has covered government, business, education, technology and much more. He was a reporter for the Triangle Business Journal, Raleigh News and Observer and most recently a tech reporter for CRN. He was also a top wedding photographer for many years, traveling across the country and around the world. He lives in Raleigh with his wife and two children.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights