Image created by AI
Ticketmaster, an eminent ticket sales and distribution company, is currently embroiled in controversy following a data breach that has left several customers uneasy, particularly in South Africa where the extent of the breach's impact is still under a shroud of uncertainty. Between 2 April and 23 May 2024, it was found that personal customer information was possibly compromised, and Ticketmaster is now grappling with the repercussions.
In a candid communication with its customers, Ticketmaster acknowledged that an unauthorized party had obtained access to a cloud database containing personal information, through a third-party data services provider. The breach was identified on 23 May 2024, sparking an internal investigation – the findings of which have not seen light beyond the suggestion of a potential compromise of customer details. This information may encompass names, contact details, and other specifics which are yet to be delineated.
As a precautionary measure, Ticketmaster is proactively offering a complimentary year-long identity monitoring service courtesy of TransUnion. This facility is designed to surveil the dark web for signs of the customers’ personal data, alerting them if their information is detected.
Despite inquiries by the local outlet MyBroadband, Ticketmaster has dodged questions regarding the breach's impact on South African consumers. The silence only fuels concerns, particularly when this socket previously confirmed the involvement of third-party forensic investigators by Ticketmaster to understand the intricacies of the breach. Adherence to protocols involving law enforcement and regulators concerning unauthorized data access has been assured by Ticketmaster in its correspondence.
The hacker collective known as ShinyHunters is reportedly behind this cyberattack – taking accountability on 4 June 2024 and proceeding to post advertisements for the stolen data on the dark web. The scope of the theft is colossal, with allegations of 560 million customer records involved.
The target of this breach was not Ticketmaster directly but rather Snowflake, a cloud hosting giant servicing multiple corporate entities, including Live Nation, the parent company of Ticketmaster. A whopping $500,000 ransom was posed by the hackers to curb the distribution of the unearthed data.
Snowflake, on its part, has noticed an uptick in cybercriminal activity aimed at its clientele, admitting that breaches did occur but were confined to a "limited number" of accounts. Brad Jones, Snowflake's Chief Information Security Officer, insists there was no chink in Snowflake’s armor that led to this incident. This claim is contested by noted security researcher Troy Hunt, who pointed to the severity of the security lapse.
Ticketmaster, in the interim, has rolled out a ballot system for South African customers for the much-anticipated rugby match between the Springboks and the All Blacks in Cape Town this September. This system was designed to manage demand and prevent scalping, requiring users to register by 9 June 2024, with the risk of data breach preceding the system's initiation.
Whether or not South African customers are caught up in the stolen database remains unaddressed by Ticketmaster, nurturing a climate of suspicion and unease. Nevertheless, for many South Africans, Ticketmaster is the key portal for accessing venues and cultural engagements – a role that is now scrutinized for its reliability and security.