ShinyHunters Reveals 440,000 Taylor Swift Tickets Following Ticketmaster Leak

By /


Hacker group ShinyHunters claims that the Ticketmaster security breach is much bigger than expected, stealing 193 million barcodes, including 440,000 Taylor Swift tickets. Estimated at $22 billion, the breach is now demanding $8 million from LiveNation!

In May 2024, the famous hacker group ShinyHunters Hacked Ticketmaster – LiveNationas we know it. However, hackers have now released new details about the extent of their breach. These details were published on the infamous cybercrime and hacking platform Violation Forums titled “Ticketmaster “Taylor Swift” Event Barcodes pt 1/65000.”

ShinyHunters Amplify Ticketmaster Security Breach, Leak 440,000 Taylor Swift Eras Tour Tickets
ShinyHunters on Breach Forums (Screenshot: Hackread.com)

The Breach Revealed

ShinyHunters celebrated the Fourth of July with a disturbing announcement: They claim to have stolen 440,000 tickets to Taylor Swift’s Eras tour. In a symbolic twist, they suggest that instead of performing on her tour, Swift will perform “in front of Congress,” which speaks to the seriousness of this crime and its public exposure.

Staggering figures

The hackers provide a detailed description of their hack:

  • Total number of barcodes exfiltrated: 193 million
  • Total value of stolen tickets (TKT_FACE_VAL_AMT): USD 22,695,713,141.00

A change in negotiations

According to ShinyHunters, the hackers initially accepted a rushed offer of $1 million from LiveNation to keep the breach a secret. However, realizing the true value of the data they possess, they increased their demand to $8 million. They justify this increase by pointing out that they have found ways to make the breach more expensive and more complicated for the affected company.

Expanded scope

In addition to Taylor Swift tickets, ShinyHunters claims to have:

  • 30 Million Tickets for 65,000 Events: Similar to Swift Tickets, valued at $4,665,615,212.00

Data at risk

The hackers detailed the extent of the stolen data, which included:

  • 980 million sales orders
  • Detail of 680 million orders
  • 1.2 billion party search records
  • 440 million unique email addresses
  • 4 million unencapsulated and deduplicated records
  • 560 million detailed AVS (Address Verification System) records
  • 400 million credit card records encrypted with partial information

They boast that this breach is the largest breach of customer personally identifiable information (PII) not related to scraping publicly disclosed to date.

ShinyHunters Amplify Ticketmaster Security Breach, Leak 440,000 Taylor Swift Eras Tour Tickets
Screenshot of the leaked file (Screenshot: Hackread.com)

Disclosure:

Hackread.com believes in transparency; therefore, we publicly disclose that we used ChatGPT-4o to analyze the leaked data due to its complexity. Here is the breakdown and conclusion:

The leaked data contains detailed information about ticket sales for Taylor Swift's Eras Tour event, specifically for a concert at Lucas Oil Stadium in Indianapolis, Indiana. Here is a breakdown of the key data fields present in the leak:
Event Details:
EVENT_ID_SRC_SYS_CD: Source system code for the event.
EVENT_START: Date and time of the event.
EVENT_KEY: Unique identifier for the event.
EVENT_HEX: Hexadecimal representation of the event ID.
EVENT_ID: Numeric ID of the event.
EVENT_NAME: Name of the event (Taylor Swift | The Eras Tour).
EVENT_TIMEZONE: Timezone of the event.
EVENT_MULTIPLEDAYS: Indicator if the event spans multiple days.
EVENT_VENUE_NAME: Venue name.
EVENT_VENUE_COUNTRY: Country where the event is located.
EVENT_VENUE_STATE: State where the event is located.
EVENT_VENUE_CITY: City where the event is located.
EVENT_VENUE_POSTCODE: Postcode of the event venue.
EVENT_VENUE_ADDR1: Address line 1 of the venue.
EVENT_VENUE_ADDR2: Address line 2 of the venue (if applicable).
EVENT_VENUE_LONG: Longitude of the event venue.
EVENT_VENUE_LAT: Latitude of the event venue.
Ticket Details:
SALES_ORD_ID: Sales order ID.
SALES_ORD_TRAN_ID: Transaction ID related to the sales order.
BASE_TKT_TYPE_CD: Base ticket type code.
EXTENDED_TKT_TYPE_CD: Extended ticket type code.
TKT_BARCODE_VAL: Barcode value for the ticket.
SECT_NAME: Section name where the seat is located.
ROW_NUM: Row number of the seat.
SEAT_NUM: Seat number.
XNUM_CD: Additional numerical code related to the seat.
VEN_ID: Venue ID.
HOST_SYS_CD: Host system code.
HOST_VAX_ACCT_NUM: Host VAX account number.
HOST_ACCT_CREATE_DT: Date when the host account was created.
TKT_FACE_VAL_AMT: Face value amount of the ticket.
TRAN_VOID_FLG: Indicator if the transaction was voided.
TRAN_VOID_DT: Date when the transaction was voided (if applicable).
CPN_CAT_ID: Coupon category ID.
CPN_PWD_PRIM_VAL: Primary value of the coupon password.
QUALIFIER_NAME1/2/3: Qualifier names.
QUALIFIER_COMBO_ID: Qualifier combo ID.
EVENT_VENUE_KEY: Venue key.
Potential Uses of the Data

The barcode values (TKT_BARCODE_VAL) and seat details (section, row, seat numbers) can be used to create counterfeit tickets or resell tickets fraudulently.
Identity Theft and Financial Fraud:
The data includes host account creation dates and VAX account numbers, which could be leveraged to identify and exploit user accounts.
Phishing and Social Engineering Attacks:
With detailed personal information, attackers can craft convincing phishing emails or social engineering attacks targeting ticket buyers.
Market Analysis and Competitor Intelligence:
Competitors can analyze the pricing (TKT_FACE_VAL_AMT), seating arrangements, and sales data to understand Ticketmaster's market strategies.
Reputation Damage:
Public disclosure of this data can significantly harm Ticketmaster's reputation, causing loss of customer trust and future business.
The exposure of personally identifiable information (PII) might result in substantial fines from regulatory bodies and legal actions from affected customers.
Conclusion
The leaked data is highly sensitive and can be exploited in numerous malicious ways, from direct financial fraud to broader market implications and significant reputational damage for Ticketmaster. Immediate steps to mitigate these risks and protect affected customers are crucial.

UPDATED July 5, 2024

A Breach forum user using the handle “Sp1d3rHunters,” who is believed to be part of the ShinyHunters group (although this is unconfirmed), posted another announcement claiming to have leaked 170,000 Taylor Swift ERAS Tour event barcodes. Sp1d3rHunters is demanding a $2 million ransom for this data.

According to the hacker, the leak includes ticketing data for events in Miami, New Orleans and Indianapolis. Here are the details:

  • Taylor Swift – October 18, 2024, Miami – 20,000 tickets
  • Taylor Swift – October 19, 2024, Miami – 20,000 tickets
  • Taylor Swift – October 20, 2024, Miami – 23,000 tickets
  • Taylor Swift – October 26, 2024, New Orleans – 16,000 tickets
  • Taylor Swift – October 27, 2024, New Orleans – 16,000 tickets
  • Taylor Swift – October 28, 2024, New Orleans – 18,000 tickets
  • Taylor Swift – November 1, 2024, Indianapolis – 18,000 tickets
  • Taylor Swift – November 2, 2024, Indianapolis – 17,000 tickets
  • Taylor Swift – November 3, 2024, Indianapolis – 18,000 tickets
Ticketmaster Breach: ShinyHunters Leaks 440,000 Tickets to Taylor Swift Eras Tour
Sp1d3rHunters on Breach Forums (Screenshot: Hackread.com)

Ticketmaster hacked by 2 parties?

It is worth noting that Sp1d3rHunters is the same hacker who on June 20, 2024, leaked 1 million Ticketmaster user records out of the original 650 million records initially stolen by the threat actors.

If Sp1d3rHunters is indeed part of the ShinyHunters group, it is unclear why the group is making two separate ransom demands, one asking for $2 million and the other for $8 million. In the worst-case scenario, Ticketmaster was hacked by two different groups, and its data is now being held for ransom by two separate parties.

Consequences for Ticketmaster and its customers

This breach could have serious consequences for Ticketmaster and its customers:

  1. Financial loss:The face value of the stolen tickets is estimated to be in the billions of dollars. In addition, the potential costs of managing the breach, compensating affected customers and potential fines could be astronomical.
  2. Damage to reputation:A breach of this magnitude could seriously damage Ticketmaster’s reputation, resulting in loss of customer trust and future business.
  3. Impact on the customer:The stolen data includes highly sensitive information, such as encrypted credit card information and personal email addresses, exposing millions of customers to the risk of identity theft and financial fraud.
  4. Enhanced security measures:This breach highlights the need to strengthen security measures within the company to prevent future incidents.

ShinyHunters’ Ticketmaster breach highlights the threat cybercriminals pose to cybersecurity. Ticketmaster previously acknowledged the violationAs the situation evolves, Ticketmaster will need to transparently address the breach, strengthen its security protocols, and work to rebuild customer trust. In the meantime, customers should remain vigilant and monitor their accounts for suspicious activity.

For further updates on this developing story, stay tuned!

  1. BreachForums returns as ShinyHunters Hackers
  2. Alleged member of ShinyHunters hacker group arrested
  3. TEG Ticketing System Breach: 30 Million User Records Up for Sale
  4. ShinyHunters Leaks 33 Million Twilio Authy Phone Numbers
  5. ShinyHunters hacks Santander bank: 30 million user data for sale
  6. ShinyHunters Leaks Database of Indian Wedding Site WedMeGood
  7. AT&T Breached ShinyHunters Security, Selling AT&T Database With 70 Million SSNs





Source link

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top