Ticketmaster confirmed in a federal filing Friday that the company was investigating a data breach that may have impacted more than 500 million customers.
Live Nation Entertainment, the parent company of Ticketmaster, wrote in a filing to the Securities and Exchange Commission (SEC), that it had found “unauthorized activity within a third-party cloud database environment.”
Here’s what you need to know about the breach:
Hacking group ShinyHunters claims responsibility
ShinyHunters, who claimed the breach, is a hacker group believed to have been formed around 2020.
Brett Callow, a threat analyst with the cybersecurity company Emsisoft, said the organization is a “credible threat actor,” but not a lot is known about the group, The New York Times reported.
Other victims of the group’s threats in the past have included Microsoft and AT&T, among other companies in the U.S. and worldwide, federal prosecutors said, according to the Times.
CyberDaily, an Australian-based tech outlet first reported the breach and said the hackers are asking for $500,000 for the stolen information from customers.
Callow told the Times that the group said it had information from 560 million Ticketmaster customers, including credit card numbers and ticket sales.
Live Nation confirms breach
News about the breach began circulating earlier this week. At that point, Ticketmaster had yet to publicly acknowledge the data leak.
In the Friday filing, the company said it noticed the unauthorized activity on May 20. Live Nation officials said they are working to mitigate risk for users and is working with law enforcement.
“As appropriate, we are also notifying regulatory authorities and users with respect to unauthorized access to personal information,” the filing reads.
The company said it doesn’t expect the breach to affect its business operations or finances.
How users can protect themselves
Joseph Steinberg, a cybersecurity expert, told CBS MoneyWatch that there are a lot of records missing and it “sounds really bad.”
Still, he said, looking at the raw data, “there’s probably a lot less than it sounds like.”
Steinberg noted that “we sometimes get impressed by numbers, but what matters much more is the quality of the data and what it means.”
Callow told the Times that for now, it doesn’t appear that user’s passwords have been compromised. He did say users should change their password for their Ticketmaster account regardless.
Steinberg told CBS that Ticketmaster account holders should be cautious about clicking on links that offer them concert tickets.
“You have to internalize the fact that you are a target,” he said.
Dean Drako, a security expert, also told CBS that users should also monitor their bank accounts for unusual behavior and initiate fraud alerts.
Live Nation, Ticketmaster lawsuits
The Live Nation filing comes just after the Department of Justice and 30 state and district attorneys general accused the company, and its subsidiary Ticketmaster, of monopolizing the live industry and harming artists and fans.
The antitrust lawsuit alleges that the company engaged in many forms of “anticompetitive conduct” like acquiring competitors and working against venues that work with competitors.
The company has also acquired amphitheaters, festivals, other venues, fellow promoters and small ticketers to monopolize the market against its rivals, the lawsuit said.
The efforts to crack down on the company began after Taylor Swift’s fans filed a class-action lawsuit after there were widespread issues trying to access tickets in a pre-sale event for her Era’s tour.