Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Personal Data Compromised in Ticketfly Hack

Ticketfly hacked

Eventbrite-owned ticket distribution service Ticketfly shut down its website on Thursday after it was defaced by a hacker who calls himself “IsHaKdZ.”

Ticketfly hacked

Eventbrite-owned ticket distribution service Ticketfly shut down its website on Thursday after it was defaced by a hacker who calls himself “IsHaKdZ.”

The Ticketfly website was defaced with a message that read, “Ticketfly HacKeD By IsHaKdZ. Your Security Down im Not Sorry. Next time I will publish database ‘backstage’ (sic).” The defacement page also included links to files containing personal information, such as names, physical addresses, phone numbers and email addresses.

The data breach also seems to impact some music venues, whose websites also displayed the same message from the attacker.

Websites of several music venues hacked via Ticketfly

On its support website, Ticketfly said the hacker gained access to customer and client information.

As a result of the incident, individuals who have purchased tickets via Ticketfly will have to print them out and bring a photo ID to the venue hosting the event – venues will be provided printed guest lists. People who have not purchased tickets themselves may need to show the original payment card used to buy the ticket, a copy of the original buyer’s ID, and an authorization note from the original buyer.

“Our investigation into the incident is ongoing. We’re putting all of our resources to confirm the extent of the unauthorized access. We’re committed to communicating with all customers once we have more information about the scope of the issue,” Ticketfly told customers.

According to Motherboard, the hacker initially attempted to report the vulnerability to the vendor and asked for the payment of 1 bitcoin in return for the information. Since IsHaKdZ did not receive a reply from the company, he decided to exploit the flaw.

Motherboard confirmed that at least some of the thousands of records stored in the files leaked by the hacker are valid. The incident reportedly impacts Ticketfly customers and employees, and staff at music venues.

Related: Top Music Videos Including ‘Despacito’ Defaced by Hackers

Related: Pro-ISIS Hacking Group Continues Defacement Campaign

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...