Ticketmaster Data Breach May Affect More Than 500 Million Customers. What to Know

Live Nation confirmed in a regulatory filing with the U.S. Securities and Exchange Commission (SEC) on Friday that its subsidiary Ticketmaster has suffered a data breach.

The filing stated that on May 20, the company noticed “unauthorized activity” within a database that contained “Company data” and subsequently “launched an investigation with industry-leading forensic investigators to understand what happened.” The filing went on to describe that on May 27, a “criminal threat actor” offered to sell, what it alleged to be, Ticketmaster data on “the dark web.”

What do we know about the Ticketmaster data breach and the force behind it?

Hackread reported on May 28 that the hacking group named ShinyHunters had claimed responsibility for the cyber-attack on the online forum BreachForums, a hacking website used to facilitate data breaches and the sharing of said data. In the post, the hacking group reportedly states it is seeking $500,000 for the 1.3TB database of compromised customer data, which it claims includes names, addresses, phone numbers, and credit card details of 560 million users.

Live Nation’s regulatory filing does not state how many of its Ticketmaster users’ data has been compromised by the hack, nor does it confirm if ShinyHunters is the culprit. 

TIME has reached out to Live Nation and Ticketmaster for comment and further information.

In the filing, Live Nation stated it was “working to mitigate risk to [their] users” and was  cooperating with law enforcement officials. They went on to say that in their investigation, the breach was unlikely to make “a material impact on our overall business operations or on our financial condition or results of operations.”

What can Ticketmaster customers do to protect themselves?

In the aftermath of this breach, Ticketmaster users can protect themselves by staying vigilant against phishing attempts, monitor accounts and credit cards, and change passwords, using strong and unique alternatives.

Live Nation and Ticketmaster have yet to release a public statement addressing the breach, but on Ticketmaster’s website blog in April, ahead of the data hack, they provided general advice on how to protect information and tickets. They advised users to make sure to get contact information only from Ticketmaster’s official website and to be aware of fake customer service phone numbers that could appear in search engines.

Ticketmaster’s data breach comes at a trying time

Ticketmaster specifically dominates the market for live events in the United States—so much so that on May 23, the U.S. Department of Justice (DOJ) sued Live Nation and Ticketmaster, accusing them of running an “illegal monopoly" over live events in America—destroying competition and driving up prices for fans.

Per the complaint, in 2022 "Ticketmaster accounted for at least 70% of the total face value associated with all tickets sold at large arenas and amphitheaters." In stark contrast, "no other rival ticketed more than 14%."

In the DOJ lawsuit, Live Nation is accused of multiple tactics, including using long-term contracts to keep venues from choosing rival ticketers, blocking venues from using multiple ticket sellers, and threatening venues that they could lose money and fans if they didn’t choose Ticketmaster.

What do we know about ShinyHunters?

The hacking group claiming responsibility, ShinyHunters, is well known for its data hacking of multiple companies in 2020 and 2021, including the Indonesian e-commerce site Tokopedia, the Indian education platform Unacademy, Wattpad, AT&T Wireless, and Microsoft. In January, one member of the ShinyHunters hacking group—a French citizen named Sebastien Raoult—was arrested and sentenced in U.S. District Court in Seattle to three years in prison.

In a statement following the arrest, the Justice Department said that between April 2020 and July 2021, ShinyHunters posted sales of hacked data from more than 60 companies, and that they stole hundreds of millions of customer records and caused loss to victim companies that is estimated to exceed $6 million.