The North American part of the large events company Ticketmaster issued caution to customers after a massive hack in May led to 560 million of its users’ personal details being stolen. It has asked customers to be cautious by watching their accounts and subscribing to identity monitoring services in case of misuse by cybercriminals out to misuse the information.
Ticketmaster, one of the biggest companies in the world in the ticketing of events, has now warned its North American clients to just take urgent steps after a massive data hack in May. The company sent a mass email to Canadian consumers telling them to “be vigilant and take steps to protect against identity theft and fraud.
The breach impacted 560 million Ticketmaster customers around the world. The scammers siphoned off personal information and offered it on an illegitimate website. Although the breach was quite deep, Ticketmaster has not commented on its notification procedure or the data that was breached.
News of the breach first came when the hackers themselves publicized the hack in a dark web advertisement before the company issued an official notice to its shareholders that explained that it was an attack where hackers had accessed names and some basic contact details, but did not detail all information accessed and that encrypted credit card details were taken but so far Ticketmaster has not elaborated on how secure that encryption is.
A spokesman for Ticketmaster in Canada told the BBC that customers should be check their online account and bank statements to be vigilant for any sign of fraud. The ticket-selling company also recommended to all the customers subscribe to an identity monitoring service for which it is footing the bill for its Canadian customers, which automatically alerts its customers if it finds their information on the dark web. It will be available for one year.
This week, Ticketmaster warned customers that they should be in a state of heightened alertness for any email that might seem to come from the company. A common fallout of a data breach comes in the shape of secondary hacking or fraud attempts, such as other cybercriminals trying to piggyback on now-stolen information to trick people into sending money or installing malware. This actually happens.
On May 28, the same group suspiciously dumped customer data numbering 560 million on a hacking forum, quoting that the sale should be at $500,000. It has not been determined if the data was sold. Further investigations showed that the hackers had stolen login details from Snowflake, the cloud storage service currently used by Ticketmaster. The hack affected more than 160 other clients of Snowflake, with incalculable amounts of private and corporate data.
Among the clients affected was the Santander banking group. Cybersecurity firm Mandiant has revealed that 30 million customers of Santander were hacked, accounted for in Chile, Spain, and Uruguay. An investigation done by cybersecurity firm Mandiant further established that there was no breach intercepted in Snowflake. The hackers got login details directly from each client company.
Live Nation, a parent company to Ticketmaster, further confirmed the hack in a notice to shareholders filed with the US Securities and Exchange Commission. The company noted that unauthorized activity had occurred on its database but added that the hack would not have a material impact on its operations.
This then puts the responsibility in the hands of the customers not to allow any misuse of their personal information.
As their cautionary words, everybody now is supposed to be yet more alert and take precautions for their money and identity well, this was kind of a dangerous data breach.