170,000 Taylor Swift tickets "given away" by cyber criminals
After a break-in at Ticketmaster's parent Live Nation, the perpetrators increase the pressure. They distributed 170,000 tickets for Taylor Swift concerts.
(Image: Brian Friedman/Shutterstock.com)
Following a break-in at the entertainment company Live Nation, which became known at the end of May, the perpetrators are now increasing the pressure. In order to substantiate their ransom demand, they have now distributed around 170,000 tickets for Taylor Swift concerts on the Eras tour. Ticketmaster plans to inform customers about the incident from Monday this week.
(Image: heise online / cku)
On Friday, the cyber criminals published around 170,000 barcodes for nine Taylor Swift concerts in the "Breachforum". They also linked to instructions on how to create valid tickets from the barcodes. They supplement this publication with a ransom demand for 2 million US dollars. They also threaten to publish 680 million user data records and a further 30 million event barcodes for events such as concerts by Taylor Swift, Pink, Sting or for sporting events such as Formula 1 races, the MLB or NFL and others if payment is not made.
Affected customers will be informed
The Attorney General's Office of the State of Maine has published a notification submitted by Ticketmaster regarding a data leak. According to the notification, the cyber intrusion took place on April 2 and was discovered on May 23. The other figures given appear to be understated. "More than 1000" people were affected, as well as "more than 1000" residents of the state of Maine. The affected customers are to be informed about the data leak from July 8.
It is not yet clear whether Live Nation, Ticketmaster's parent company, will comply with the ransom demand - so far this has not happened, and IT security experts also recommend not paying a ransom. Information on whether the published barcodes can actually be converted into valid tickets or whether they can be recognized and blocked on entry is also currently unknown.
These attacks are said to stem from cyberattacks against Snowflake's data cloud, which became known at the beginning of June. Snowflake customers who had not activated two-factor authentication had become victims. During the attack, access information was leaked to more than 100 Snowflake customers, who were then also attacked by the perpetrators. Among them was Live Nation.
The data thieves from "ShinyHunters" offered more than 560 million stolen data records from Live Nation in the "Breachforums" at the end of May. The ransom demand at the time was still 500,000 US dollars. The data records are said to include names, addresses and contact information of customers as well as order and payment information of Live Nation customers from all over the world.
Taylor Swift concert tickets are very popular with cyber criminals. In May, data thieves also stole tour tickets for the popular singer by means of credential stuffing. However, the affected accounts were identifiable. The affected tickets were blocked and customers were informed about the breach and the activation of multi-factor authentication.
(dmk)