Data Breaches

Events Giant Legends International Hacked

Legends International says the personal information of employees and customers was compromised as a result of a cyberattack.

Legends International says the personal information of employees and customers was compromised as a result of a cyberattack.

Live events giant Legends International has started notifying some employees and customers that their personal information was compromised as a result of a cyberattack.

Legends International provides food, beverage, merchandise, retail, and venue operations services for sporting, entertainment and other live events. The company is based in New York and has offices in several major US and European cities. 

Data breach notices that are being sent out to impacted individuals reveal that the company detected unauthorized activity on its systems on November 9, 2024. Systems were taken offline to contain the incident and an investigation revealed that some files containing personal information were exfiltrated during the intrusion.

Legends told the Texas Office of the Attorney General that the compromised information includes dates of birth, SSNs, driver’s license numbers, government ID numbers, payment card information, medical information, and health insurance information.

The Texas AG has been told that the number of Texans impacted by the incident exceeds 8,000. It’s unclear how many people were affected by the data breach in total.   

The company says there is no evidence that the compromised personal information has been misused, but impacted individuals are being offered two years of free identity protection services. 

Advertisement. Scroll to continue reading.

Legends’ response to the incident (ie, taking systems offline) is the typical action taken when dealing with a ransomware attack, but no known ransomware group appears to have taken credit for the hack. 

SecurityWeek has reached out to Legends for additional information, including the number of impacted individuals and whether this was indeed a ransomware attack, and will update this article if the company responds.

Related: Ransomware Group Claims Hacking of Oregon Regulator After Data Breach Denial

Related: Insurance Firm Lemonade Says API Glitch Exposed Some Driver’s License Numbers

Related: 2.6 Million Impacted by Landmark Admin, Young Consulting Data Breaches

Related Content

Data Breaches

The professional services giant says it contained the incident, remediated its source, and experienced no operational or service delivery impact.

Cybercrime

In April, ShinyHunters accessed the company’s corporate IT systems and stole patients’ personal and medical information.

Data Breaches

Hackers accessed the insurance giant’s policyholder portal multiple times between June 15 and June 25.

Data Breaches

Only a handful of the 100 organizations targeted in the PeopleSoft campaign have been confirmed.

Data Breaches

The ShinyHunters extortion group claims to have stolen 3.1 TB of data from the organization.

Data Breaches

Roughly two dozen companies have notified their customers of the Klue-Salesforce incident impact.

Data Breaches

Over a dozen Klue customers have confirmed that hackers stole data from their Salesforce instances.

Data Breaches

Hackers stole customers’ names, addresses, email addresses, phone numbers, and account information.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version