ShinyHunters hack Ticketmaster, theft and sale of 560M user data, confirmed
Learn More
A massive data breach has reportedly compromised the personal data and payment information of 560 million Ticketmaster users. The hacker group ShinyHunters claimed responsibility for the breach, alleging that they infiltrated the security systems of Ticketmaster and Live Nation.
The stolen data, amounting to 1.3 terabytes, is now available for purchase on Breach Forums for $500,000.
The claimed stolen data includes:
- Full names
- Addresses
- Email addresses
- Phone numbers
- Ticket sales and event details
- Order information
- Partial payment card data (including last four digits and expiration dates)
Currently, Ticketmaster has not confirmed or denied the breach. ShinyHunters has attempted to contact Ticketmaster but has received no response. Authorities and cybersecurity experts are likely investigating the incident.
Update - The Australian Department of Home Affairs reports it is aware of an incident impacting Ticketmaster customers.
As of 31st of May 2024 Live Nation, the owner of Ticketmaster has confirmed a data breach affecting its ticketing subsidiary,. The company disclosed the breach in a filing with government regulators late Friday after market close.
The unauthorized activity was identified within a third-party cloud database environment. While the specific third party was not named by Live Nation, a spokesperson from Ticketmaster confirmed the database was hosted on Snowflake, a cloud storage and analytics company based in Boston.
The breach potentially exposed personal information related to Ticketmaster customers, including email addresses, ticket sales, and customer card information.
As of 5th of July 2024, ShinyHunters have leaked alleged Ticketmaster barcodes for 166,000 Taylor Swift tour tickets. They are threatening to release more data if a $2 million ransom is not paid. Ticketmaster's denies the claims of stolen barcodes, explaining that their SafeTix technology secures tickets by automatically refreshing their barcodes every few seconds, preventing them from being stolen or copied.
As of 8th of July 2024, Ticketmaster informed customers that the breach potentially compromised
- names,
- contact information,
- encrypted payment card details.
As of 7th of June 2025, the Arkana Security gang briefly listed data that looked like newly stolen Ticketmaster data but is instead the data stolen during the 2024 Snowflake data theft attacks.
The extortion group posted screenshots of the allegedly stolen data, advertising over 569 GB of Ticketmaster data for sale. BleepingComputer determined that the files shown in the Arkana post match samples of Ticketmaster data previously seen during the 2024 Snowflake data theft.
Users of Ticketmaster are advised to monitor financial accounts, change passwords, and be careful about phishing attempts.
Ticketmaster has faced cybersecurity challenges before, including a bot-driven attack on Taylor Swift’s concert ticket sales in January 2023 and a hacking incident involving a rival company, Songkick, leading to a $10 million settlement.
