The hacking group posted samples of the data to an online forum– ticket data on Swift’s shows in Indianapolis, Miami, and New Orleans – and alleged that it possessed an additional 30m million barcodes for other high-profile concerts and sporting events.
The ransom posts on the online forum were from the hacking group ShinyHunters, and an account that appeared to be associated with it called Sp1d3rHunters., according to the guardian .
The group has a history of claiming responsibility for major hacks against companies including Santander bank, AT&T, Microsoft and others.
Ticketmaster denied offering any money to the hackers, who had not engaged with the company about the ransom, according to a statement from parent Live National Entertainment. Ticketmaster also stated that its ticketing technology prevented such leaked barcodes from being used as tickets by refreshing barcodes every few seconds.
Ticketmaster hit by data hack that may affect 560m customers
Read more
Hopeful Swifties probably won’t be able to attend their icon’s world tour with an ill-gotten ticket. Although the data appeared to be from the hacking group’s large scale breach of Ticketmaster and Live Nation earlier this year, cybersecurity experts who examined the leak agreed that the stolen data would not be useful for gaining access to an arena. The data could not be used as a ticket because the Ticketmaster mobile application uses dynamic barcodes, experts said, whereas the data in the hack is static.
“This data is almost certainly not sufficient to allow someone to recreate a barcode to get in,” said Don Smith, vice-president at the cybersecurity firm Secureworks. “If you’re running events of the size and scale of the Eras tour, you are not going to make it easy for someone to just get access to a database and then be able to create a fake ticket.”
Despite ShinyHunters’ ability to gain access to the Swift ticketing data, which included information on tickets for nine upcoming dates across the three US cities, experts said that companies such as Live Nation have more sophisticated measures to prevent that data from being used to actually steal tickets.
“If the thought here was that you’re going to create absolute chaos on all future Eras tour dates, I don’t think so,” Smith said.
The ransom threat to Live Nation is part of a broader rise in cyberattacks and ransomware in recent years. The attacks have targeted major corporations and public institutions, with analysts estimating that victims paid out $1.1bn in ransoms in 2023. The United Kingdom’s National Health Service is still reeling from a devastating attack by a Russia-based ransomware gang in June.
