Hackers continue to extort Ticketmaster after the major data leak in May of this year. Recently, they leaked more than 39,000 “print at home” tickets. This is another extortion technique to get a ransom from Ticketmaster.
A hacker named Sp1derHunters is now publicly selling 39,000 Ticketmaster tickets for 154 upcoming performances by well-known artists. Among those now on sale are tickets to concerts by Aerosmith, Alanis Morissette, Billy Joel & Sting, Bruce Springsteen, Carrie Underwood, Cirque du Soleil, Dave Matthews Band, Foo Fighters, Metallica, Pearl Jam, Phish, P!NK, Red Hot Chili Peppers, Stevie Nicks, STING, Tate McRae and $uicideboy$, among others.
According to Ticketmaster, internal anti-fraud systems ensure that mobile ticket barcodes are constantly refreshed with unique barcodes that discourage ticket copying and stealing. Therefore, the company believes that all tickets are secure and no fraud is possible.
Hacker has workaround
However, the hacker replies that these are physical tickets, such as “print at home PDF tickets,” which cannot be refreshed and whose barcode remains permanently valid. According to him, these tickets could simply be used by any buyer.
With the mail containing the stolen tickets, the hacker also attached a manual allowing buyers to convert the leaked ticket data into a scannable barcode. This barcode can then create tickets using business customers’ “Ticketfast” print-at-home templates.
Giant Ticketmaster data leak May 2024
The action follows the data breach from May this year, in which hackers managed to steal the data of as many as 560 million Ticketmaster customers through a breach of Snowflake accounts. In April this year, these accounts were compromised by at least 165 companies and organizations.
Also read: Ticketmaster reports cloud database breach to US stock market watchdog SEC
The hackers demanded half a million dollars for the stolen Ticketmaster data at the time. However, the event giant indicated it was not going to pay. So now the organization is being pressured to do so anyway.
Last week, the hackers released 166,000 Taylor Swift tickets and raised the ransom to $2 million.
Several parties robbed
It is not only Ticketmaster’s stolen Snowflake data that hackers are actively using for extortion. Companies and organizations such as Neiman Marcus, Los Angeles Unified School District, Advance Auto Parts, Pure Storage and Santander Bank also faced extortion based on their stolen Snowflake data.
Read more: Up to 5 million dollars demanded from Snowflake customers for return of captured data