Key Points
- The Department of Home Affairs has confirmed it is seeking more information about a cyberattack on Ticketmaster.
- Up to 560 million Ticketmaster customers globally could be impacted by the data breach.
- The incident came to light after hackers apparently tried to sell the stolen information.
A ticketing giant is the latest company reportedly targeted in a cyberattack that has potentially exposed millions of customers’ data.
Ticketmaster has not yet confirmed any details of the reported hack, but it is believed Australians could be impacted.
Here’s everything we know so far.
Was Ticketmaster hacked?
Australia’s Department of Home Affairs has confirmed it is aware of a cyber incident impacting Ticketmaster.
A post on the dark web dated 28 May purported to be from a hacking group known as ShinyHunters is advertising the sale of 560 million customers’ stolen data.
The post claimed Shinyhunters had hacked the ticketing giant and was advertising the sale of 1.3 terabytes of information for US$500,000 ($755,000).
What details did the Ticketmaster hackers allegedly access?
Cybersecurity industry publication CyberDaily reported a sample of the data, including credit card details, had been included in a post advertising the sale.
Ticketmaster, which sells tickets for events such as concerts, theatre and sporting fixtures, is yet to release a statement confirming whether its databases have been hacked, or which details may have been accessed.
SBS News has contacted Ticketmaster for comment.
Professor Matthew Warren, director of the RMIT Centre for Cyber Security Research and Innovation at RMIT University, said the hackers appear to have accessed personally identifiable information, which could be used to confirm an individual’s identity.
He said organisations need to take better steps to improve their cyber security.
“Once the data has been stolen from the organisation there is nothing that the organisation can do to protect the data,” he said.
“If the organisation had encrypted the data, then if the data had been stolen, it would have been unusable by the hacker.
“The Ticketmaster attack highlights our new cyber normal. If steps are not undertaken by organisations to improve their cyber security then the situation will be repeated time after time.”
Were Australian customers impacted?
It is not yet known if Australian customers have been exposed.
A spokesperson from the Department of Home Affairs told SBS News the National Office of Cyber Security is engaging with Ticketmaster to understand the incident.
Professor Nigel Phair from the Department of Software Systems and Cybersecurity at Monash University said significant data breaches are becoming “all too common”.
“There are over five million Australian and New Zealand Ticketmaster account holders, they will be concerned about any loss of personal information, including names, addresses, passwords, credit card numbers, etc. and where this may end up on the dark web,” he said.
“It is troubling that Ticketmaster has not made any public statements regarding this data breach.
“Organisations need to be more proactive in their communications and inform the public what has happened and how they are remediating the situation.”
What do we know about the hackers?
The ShinyHunters hacking group has been implicated in a series of cyberattacks since 2020, including targeting Pizza Hut Australia in September. Nearly 200,000 customers were impacted by that hack.
Last week, pulled down its website, saying it is working to understand the impact of a hack of Australian patient data.
A post surfaced on a Russian hacking website alleging the hack. The company said its preliminary inquiries suggest “the incident originated from one of our third-party vendors”.
How can you protect yourself?
Phair said anybody who has bought tickets through Ticketmaster or has an account on the site should remain vigilant.
“Consumers need to remain hyper-vigilant in the online world and be on the lookout for unusual emails, SMS or phone calls,” he said.
“They should also look for any suspicious credit card transactions.”
You should also secure your email addresses or accounts, update passwords, and enable multi-factor authentication where possible.
Monitor your account and any linked bank cards or accounts for any suspicious activity.
If you believe a bank card or account has been compromised, you should contact your bank as soon as possible.
If you are concerned you have been impacted by a scam, you can