Extortionists operating under the name Sp1d3rHunters posted samples of the data to an online forum, including ticket details for Swift’s shows in Miami, Indianapolis and New Orleans.

The group also claimed to have barcodes for an additional 30 million tickets to other major concerts and sporting events. The hackers are now demanding $2 million from Ticketmaster to prevent further leaks.

“Pay us $2 million USD or we will leak all 680M of your customer information and 30 million more event barcodes, including: more Taylor Swift events, P!nk, Sting, Sporting Events F1 Formula Racing, MLB, NFL And thousands more events,” it reads. Hackers Demand Extortion

However, Ticketmaster dismissed the threat. The company said its ticketing technology uses dynamic barcodes that refresh every few seconds, making stolen static data useless for entering the field.

“Ticketmaster’s SafeTix technology protects tickets by automatically updating a new and unique barcode every few seconds so it can’t be stolen or copied.” Ticketmaster said Bleeping computer.

“This is one of many fraud protections we implement to keep tickets safe and secure.”

Cybersecurity experts agree with this statement, saying that the leaked information will not allow anyone to recreate the correct barcode.

“This data is almost certainly not enough to allow someone to enter a barcode,” said Don Smith, vice president of cybersecurity firm Securix. told Guardian.

“If you’re running events the size and scale of Eras Tour, you’re not going to make it easy for someone to just access the database and then be able to create a fake ticket.”

While Shiny Hunters has access to ticket data for nine upcoming shows in three US cities, Smith believes it won’t disrupt the tour.

“If the idea here was that you’re going to create complete chaos on all future Era Tour dates, I don’t think so,” he said.

Ticketmaster denies involvement with extortionists, denying claims of a $1 million ransom offer.

This isn’t the first cyber attack to target Swift’s tour. In February, hackers breached Australian ticketing company Ticketek, compromising Eras tour tickets.

The latest leak comes in the wake of a major breach earlier this year, where Shiny Hunters allegedly gained access to Ticketmaster’s data through a third-party contractor. Compromised information for approximately 560 million users. Ticketmaster confirmed the breach in a filing with the US Securities and Exchange Commission in May, after hackers began selling the data for $500,000.

The company said the data was stolen from their Snowflake account.

ShinyHunters has a history of massive data breaches, targeting firms like AT&T and even leaking millions of phone numbers used for multi-factor authentication. U.S. District Court in Seattle earlier this year A 22-year-old member of the group was convicted Three years in prison for his role in a massive hacking campaign that targeted more than 60 companies.

LiveNation, Ticketmaster’s parent company, has faced increasing criticism in recent months. The US Department of Justice filed an antitrust lawsuit against them, while fans are frustrated by the chaotic Eras tour ticket sales process.



Source link