Skip to main content
close search
site logo
Dive Brief

Live Nation confirms jumbo breach, Ticketmaster customer data exposed

The live concert and entertainment giant disclosed the compromise days after reports began surfacing of a data breach. The company said it detected the intrusion on May 20.

Published June 3, 2024
Matt Kapko's headshot
Senior Reporter
Live Nation corporate offices in Hollywood, California.
Live Nation corporate offices are viewed on May 23, 2024 in Hollywood, California. The live events giant disclosed a potentially massive data breach on May 31. Mario Tama/Getty Images via Getty Images

Dive Brief:

  • Ticketmaster is responding to a potentially massive data breach involving the compromise of company and customer data, the event ticketing company’s corporate owner Live Nation Entertainment said Friday in a filing with the Securities and Exchange Commission.
  • Live Nation said it detected the intrusion in a third-party cloud database environment on May 20. “On May 27, a criminal threat actor offered what it alleged to be company user data for sale via the dark web,” the company said in the regulatory filing. The compromised data is primarily from Ticketmaster.
  • “We are working to mitigate risk to our users and the company, and have notified and are cooperating with law enforcement,” Live Nation said. “As appropriate we are also notifying regulatory authorities and users with respect to unauthorized access to personal information.”

Dive Insight:

Details were slim in Live Nation's incident disclosure, which came days after reports began surfacing of a data breach. The company did not share further details, including the identity of the third-party vendor, how the attacker intruded its systems, and how much and what type of data was stolen or if the breach has been contained.

The company and its subsidiary Ticketmaster haven’t responded to multiple inquiries from Cybersecurity Dive since unconfirmed reports of the breach first surfaced on Tuesday. The Cybersecurity and Infrastructure Security Agency referred any inquiries back to Ticketmaster.

“As of the date of this filing, the incident has not had, and we do not believe it is reasonably likely to have, a material impact on our overall business operations or on our financial condition or results of operations,” the company said in the SEC filing. “We continue to evaluate the risks and our remediation efforts are ongoing.”

ShinyHunters, an administrator for BreachForums, a dark web marketplace for stolen data, posted a Ticketmaster customer dataset for sale on May 27, according to multiple threat analysts who viewed the post. ShinyHunters said there was 1.3 terabytes of data, which includes personal and financial information on 560 million Ticketmaster customers.

BreachForums returned online earlier this month after the site displayed messages indicating it was taken down by the FBI and international law enforcement agencies.

“The data was posted to another forum around the same time that it was posted to BreachForums. The other post is, seemingly, an associate of ShinyHunters,” said Brett Callow, threat analyst at Emsisoft.

The live concert giant first identified the unauthorized activity three days before the Justice Department, along with 30 state and district attorneys general, filed a civil antitrust lawsuit against the company and Ticketmaster for “monopolization and other unlawful conduct that thwarts competition in markets across the live entertainment industry.”

The Live Nation breach was disclosed as multiple enterprises are dealing with the fallout of an attack spree targeting Snowflake's customers. The cloud-based data warehouse is responding to a targeted threat campaign against some customer accounts.

Filed Under: Breaches, Cyberattacks

Editors' picks

Company Announcements

View all | Post a press release
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Mystic Valley Elder Services Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
CUSO Financial Services, LP Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attac…
From Traceable AI
October 30, 2024
Editors' picks
Latest in Breaches
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell