Millions of customers may be affected by Ticketmaster breach (2024)

Ticketmaster is notifying millions of customers about a data breach that could be one of the largest in North American history.

As many as 500 million customers in the U.S., Canada and Mexico could be affected, according to law firms that have filed class-action lawsuits against Ticketmaster LLC and its parent company Live Nation Entertainment Inc.

The lawsuits allege that two companies “disregarded the rights of plaintiffs and class members by intentionally, willfully, recklessly or negligently failing to take adequate and reasonable measures to ensure its data systems were protected against unauthorized intrusions.”

Encrypted credit card information and date of birth are among the financial and personal data affected, according to the lawsuits.

Ticketmaster said on its website that “customers can continue to conduct business with Ticketmaster as normal and without issue.”

“Our comprehensive investigation — alongside leading cybersecurity experts and relevant authorities — has shown that there has been no more unauthorized activity. If you are not contacted, we do not believe your sensitive information was involved.”

Live Nation disclosed in a May 31 regulatory filing that it learned on May 27 that “a criminal threat actor’’ was offering to sell Ticketmaster data on the dark web.

Media reports say a hacking group named ShinyHunters claimed responsibility for the breach in an online forum and was seeking $500,000 for the data.

According to the notice to customers, data began being accessed on April 2 and continued until May 18. The data was obtained from a cloud database hosted by a third-party data service provider.

“We have not seen any additional unauthorized activity n the cloud database since we began our investigation,” according to the notice.

Ticketmaster said it is cooperating with federal law enforcement agencies and outside technology companies as part of its investigation.

It is offering free access to a credit reporting agency for up to 12 months for those who apply at www.mytrueidentity.com, as well as fraud assistance from Cyberscout, a TransUnion affiliate that specializes in fraud assistance and remediation.

Just the latest

Ticketmaster is just the latest business to report a data breach affecting Triad consumers and/or employees over the past 20 months.

Truist Financial Corp. reported in June that a combined 65,000 employees and customers appeared to have been affected by a data breach in October by a hacking group known as Sp1d3r.

Several media outlets, including American Banker and Atlanta Journal-Constitution, reported Friday that the hacking group is selling data affecting employees and certain customers for $1 million.

The information is supposed to contain bank transactions with names, account numbers and balances and source code for Truist’s Interactive Voice Response automated phone system for transferring funds.

Sp1d3r also has been connected with putting up for sale data belonging to Advance Auto Parts.

Truliant Federal Credit Union informed members in May that some of their financial and personal data has been involved in a data breach of a former third-party vendor. Doxim told the credit union of an April 22 cybersecurity attack that affected members.

The cybersecurity attack “resulted in unauthorized access to data ... including Truliant files from 2012.” “These compromised files contained a combination of some or all of the following categories of information for each affected member: name; account number; and Social Security number.

Nearly 1.7 million North Carolina customers have been affected by the massive AT&T data breach — one of the largest in U.S. history.

AT&T informed the state Attorney General’s Office of the number of affected customers in the state. The AG’s office disclosed the total April 18.

AT&T began notifying customers in late March that some of their personal information has been hacked with the breach occurring on the dark web in mid-March, such as full name, email address, mailing address, phone number, Social Security number, date of birth, AT&T account number and passcode.

PCmag.com reported that ShinyHunters started selling the stolen AT&T data in 2021. At the time, AT&T denied that the information had come from its systems.

HanesBrands Inc. disclosed in a May 31, 2022, regulatory filing that it began experiencing a ransomware attack on May 24, 2022.

HanesBrands said the ransomware attack affected its global supply-chain network and ability to fulfill customer orders for about three weeks.

In April, HanesBrands said it would give some current and former employees the option of credit and identity monitoring, up to a $50 Hanes store credit and $6.99 in shipping costs, or a cash payment of $35 in a proposed settlement of a federal lawsuit tied to a May 2022 ransomware attack.

Recent data breaches also have affected the Center for Creative Leadership in Greensboro, the parent company of Golden Corral, Bank of America Corp., VF Corp., Atrium Health, Novant Health Inc. and Pepsi Bottling Ventures LLC.

What consumers can do

Lisa Plaggemier, executive director of the National Cybersecurity Alliance, said consumers can take steps to reduce their exposure to data breaches.

“While there’s no need for consumers to regularly update their passwords, it’s crucial to do so when they’ve been involved in a breach like this one,” Plaggemier said.

“They should also change their password on any other account where they’ve used the same or similar password to the one on their AT&T account, a practice that should be followed during any data breach.

“Enabling multi-factor authentication whenever possible adds an extra layer of security as well.”

Plaggemier said regularly monitoring financial statements and credit reports for any suspicious activity “can also help individuals detect and respond to potential breaches promptly.”

“Furthermore, freezing their credit with the credit bureaus is a proactive measure to prevent unauthorized access to their credit information and can provide added security in the event of a data breach,” she said.