Data of 560 million Ticketmaster customers reportedly obtained in large-scale hack

The ShinyHunters hacker group is reportedly selling users’ personal data on the dark web for $500,000.

When you purchase through affiliate links on, you may contribute to our site through commissions. Learn more
Ticketmaster logo on a smartphone

Credit: Mateusz Slodkowski/SOPA Images/LightRocket via Getty Images

Last week, the US Department of Justice announced it would be suing Ticketmaster and Live Nation, which may potentially lead to the breakup of Ticketmaster and Live Nation. The court case comes in a bid to stop the companies monopolising the live music industry – and a recent security breach is proving one other downside of the two companies controlling the live music market.

With a centralised market, most gig goers are forced to purchase their tickets through Ticketmaster or Live Nation, meaning that the sites process millions of users’ data each day. Unfortunately, this had lead to the ShinyHunters hacker group being particularly eager to attack Ticketmaster’s servers.

Allegedly, the group have illegally obtained 1.3 TB of customer data. Hackread reports that the security breach has compromised the personal data of 560 million users. The data breach includes “full names, addresses, email addresses, phone numbers, ticket sales and event details, order information, and partial payment card data.”

According to Hackread, the customer data is currently up for sale on the dark web for $500,000.

This isn’t the first time the notorious ShinyHunters have enacted a cyber attack on a huge company; the hackers have also previously compromised both AT&T Wireless and Microsoft servers. The FBI have previously attempted to stop the hackers by seizing and shutting down their forum, but ShinyHunters quickly reclaimed their domain.

Speaking to Hackread, ShinyHunters revealed that they have attempted to contact Ticketmaster regarding the breach. As of right now, the hackers are yet to receive a response.

However, Christopher Budd, a threat researcher at cybersecurity firm Sophos, believes that we shouldn’t immediately believe everything ShinyHunters are claiming.

“Right now, since we only have the attackers’ words to go on,” he tells Cyber Daily, “it’s too early to make any firm statements about whether there was a breach and what, if any, data was stolen. While there allegedly are new data in the dump, there is also older info, meaning it could be a series of concatenated data.”

“Regardless of whether the breach is legitimate, the attackers have been successful in drawing attention to a criminal forum that was recently taken down,” he continues. “As with many take downs like this, we often see the sites rebooted, so organisations should never let their guard down.”


Get the latest news, reviews and tutorials to your inbox.

Join Our Mailing List & Get Exclusive DealsSign Up Now

The world’s leading media brand at the intersection of music and technology.

© 2024 MusicTech is part of NME Networks.