Ticketfly, the ticket distribution service owned by Eventbrite, has started restoring services after its website was defaced by a hacker who also gained access to user information.
The attack took place on or around May 30, when a hacker decided to exploit a vulnerability he had found in Ticketfly systems. The attacker, using the online moniker “IsHaKdZ,” reportedly asked the company to pay 1 bitcoin for information on the security hole. Since Ticketfly did not comply with his request, IsHaKdZ defaced ticketfly.com and the websites of several music venues.
The hacker also stole and leaked the details of Ticketfly customers and employees. Troy Hunt, the owner of the Have I Been Pwned data breach notification service, has analyzed the data and determined that over 26 million unique users are impacted. The compromised data includes email addresses, names, physical addresses and phone numbers.
The hack appears to have targeted Ticketfly’s WordPress-based assets. WordPress is also used for Ticketfly-powered websites provided to music venues, which would explain how the hacker managed to deface several sites.
Ticketfly says it has started restoring some of the affected services, including Box Office, Emailer, reporting, scanning, printing, and ticket purchasing systems.
“We’re rolling out a secure website solution as an alternative to your Ticketfly-powered site to meet your immediate needs. We’ve built a secure, non-WordPress based website solution with your existing domain, and your site will appear sometime today,” the company told customers in an updated FAQ.
The company has not shared too many details on the impact of the breach, but it has confirmed that names, addresses, email addresses, and phone numbers belonging to Ticketfly fans have been compromised.
“Our investigation into the incident is ongoing. It’s critical that the information we share with you is accurate and backed by certainty. We are working with a team of forensic cybersecurity experts; the reality is cyber incidents are unique, and the investigations typically take more time than one would like because the full picture of what happened isn’t always quick to develop,” Ticketfly said.
Related: Top Music Videos Including ‘Despacito’ Defaced by Hackers
Related: Pro-ISIS Hacking Group Continues Defacement Campaign

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Intel Boasts Attack Surface Reduction With New 13th Gen Core vPro Platform
- Dole Says Employee Information Compromised in Ransomware Attack
- High-Severity Vulnerabilities Found in WellinTech Industrial Data Historian
- CISA Expands Cybersecurity Committee, Updates Baseline Security Goals
- Exploitation of 55 Zero-Day Vulnerabilities Came to Light in 2022: Mandiant
- Organizations Notified of Remotely Exploitable Vulnerabilities in Aveva HMI, SCADA Products
- Waterfall Security, TXOne Networks Launch New OT Security Appliances
- Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm
Latest News
- CISA, NSA Issue Guidance for IAM Administrators
- Analysis: SEC Cybersecurity Proposals and Biden’s National Cybersecurity Strategy
- Intel Boasts Attack Surface Reduction With New 13th Gen Core vPro Platform
- Cisco Patches High-Severity Vulnerabilities in IOS Software
- ‘Nexus’ Android Trojan Targets 450 Financial Applications
- Tackling the Challenge of Actionable Intelligence Through Context
- Dole Says Employee Information Compromised in Ransomware Attack
- Backslash Snags $8M Seed Financing for AppSec Tech
