‘ShinyHunters’ Group Claims Massive Ticketmaster Breach

A hacking group named ShinyHunters claimed in an online forum that they breached Ticketmaster this week, allegedly stealing data that includes names, addresses, phone numbers, and partial credit card information from 560 million customers worldwide.

The group says it’s selling the 1.3-terabyte trove of data in a “one-time sale” for $500,000. ShinyHunters is well-known to the cybersecurity community with several large breaches under its belt since first appearing in 2020. The Australia Home Affairs Department said Thursday it is investigating.

“The Australian Government is aware of a cyber incident impacting Ticketmaster,” a spokesman for the department said in a statement. “The National Office of Cyber Security is engaging with Ticketmaster to understand the incident.”

The Australian government is the first to announce action, likely because the country has been struck by the group before. Last year, ShinyHunters breached Pizza Hut and stole data from 193,000 Australian customers.

While neither Ticketmaster nor parent company Live Nation have confirmed the breach, new rules by the Security and Exchange Commission require that companies disclose cybersecurity incidents within 4-business days.

In a profile posted on its website, cybersecurity firm SOCRadar said ShinyHunters allegedly also runs one of the most popular hacker forums, BreachForums. “This group, at first glance, might seem like a benign assembly of Pokémon enthusiasts, given their name … Yet, they stand accused of orchestrating data breaches that have consistently found their way onto hacker forums.”

Related:Massive Okta Breach: What CISOs Should Know

Matt Hull, global head of threat intelligence at NCC Group, in an email says the ShinyHunters group has been behind several large-scale breaches, and “despite being relatively fresh on the scene, are responsible for some notable hacks, including Microsoft, AT&T, and now, allegedly, Ticketmaster.” The 2021 AT&T breach compromised information from more than 70 million customers.

Hull says the FBI and international law enforcement has been tracking the group, noting that in 2023, a 21-year-old French national was extradited from Morocco to the US for his alleged role in ShinyHunters’ activities.

The alleged hacking is the latest bad news for Live Nation and Ticketmaster, who are the target of a Department of Justice lawsuit over antitrust claims. Ticketmaster is one of the largest online ticket sales platforms in the world.

InformationWeek contacted both Live Nation and Ticketmaster and will update with any response.