image source, Getty Images

image caption, Ticketmaster is part of the world’s largest events company.

  • the author, Which is clear
  • the role, Cyber ​​Correspondent

Ticketmaster customers in North America have been sent emails warning the company to take action. was hacked In May.

Emails were sent to Canadian consumers overnight, urging them to “be vigilant and take steps to protect against identity theft and fraud.”

The company has not commented on the notification process – however similar emails have reportedly been sent to victims in the US and Mexico.

The personal details of 560 million Ticketmaster customers worldwide were stolen in the hack – with cybercriminals then trying to sell that information online.

Ticketmaster has not responded to the BBC as to why it took so long to inform customers of these risks.

The previous news of the breach came from the hackers themselves, after which Ticketmaster sent a notice to its shareholders.

Ticketmaster confirmed that the hackers stole names and basic contact details, without saying what kind of information was obtained.

Hackers also stole encrypted credit card details, but the company has not responded to the BBC’s request for details on how secure the encryption is.

Identity monitoring

According to an email seen by the BBC, the firm is urging customers to monitor their online accounts, including bank account statements, for any suspicious activity.

The company advises Canadian customers to sign up for identity monitoring services, which Ticketmaster is paying for.

“Identity Monitoring will search your personal data on the dark web and provide you with alerts if your personally identifiable information is found online for 1 year from the date of enrollment,” the company said.

Ticketmaster recommends that people be on the lookout for any suspicious-looking emails that appear to be from the company.

When a data breach occurs, it can sometimes lead to secondary hacking or fraud attempts by other criminals who use your details to send you money or download malicious software. They cheat.

However, it is rare and there is little evidence that it occurs on a large scale.

A wider hack

The group responsible for the Ticketmaster hack — called Shiny Hunters — published an ad on a hacking forum on May 28 that offered the data of 560 million users.

The group is asking $500,000 (£390,000) for the data and it is unclear if they have sold the installment.

After several days of investigation, it was revealed that the hackers stole login details from Snowflake and took data from Ticketmaster, which the company uses for its cloud storage account.

It then emerged that more than 160 other Snowflake clients had been similarly targeted – with large amounts of private and corporate data stolen.

Banking group Santander is one of those affected – 30 million of its customers in Chile, Spain and Uruguay were hacked.

Cybersecurity firm Mandiant – which investigated the attacks – says Snowflake itself was not breached.

Mandiant says ShinyHunters, or whatever hackers carried out the broader attack, obtained login details directly from each client company.

Ticketmaster owner LiveNation had already confirmed the hack in a notice to shareholders filed with the US Securities and Exchange Commission.

It acknowledged “unauthorized activity” on its database but said the hack would not materially affect its business.

Ticketmaster did not respond to multiple requests for comment from reporters before and after the filing.

Source link