Jump directly to the content

TICKETMASTER customers have been warned to carry out several important checks on their account amid reports the site has allegedly suffered a major data breach.

Hacker group Shiny Hunters claim to have stolen personal information belonging to 560million people who have bought tickets from platform or its parent company Live Nation.

Ticketmaster and owner Live Nation are yet to comment on the alleged incident
1
Ticketmaster and owner Live Nation are yet to comment on the alleged incidentCredit: Getty

They are allegedly threatening to sell the trove of data to criminals unless the company pays a $500,000 / £400,00 ransom.

Ticketmaster and Live Nation are yet to confirm the security breach.

Details the hackers claim to have obtained include full names, addresses, email addresses, phone numbers, ticket sales and event details, order information, and partial payment card data, according to .

"Right now, since we only have the attackers’ words to go on, it’s too early to make any firm statements about whether there was a breach and what, if any, data was stolen," said Christopher Budd, director, threat research, Sophos.

Read more on tech

"While there allegedly are new data in the dump, there is also older info, meaning it could be a series of concatenated data.

"Regardless of whether the breach is legitimate, the attackers have been successful in drawing attention to a criminal forum that was recently taken down.

"As with many take downs like this, we often see the sites rebooted, so organizations should never let their guard down.”

Cyber experts have also warned customers to take action now in case.

Jake Moore, Global Cybersecurity Advisor at cybersecurity firm ESET says the first thing people should do is change their account's password.

But he also warns users to look out for follow-up emails claiming to be from Ticketmaster asking for information.

Beware the 'Renew Subscription' Email Scam

"The amount of highly personal data in this extremely large breach makes this extra worrying for all those involved," he said.

"Ticketmaster is choosing not to pay the ransom which is slowly becoming more common as aftermath clean-ups improve.

";However, this is not the first time they have fallen victim to a large-scale breach which will question how they handle their customer data.

"As the sensitive information is now up for sale, those affected must remain extra careful, change their passwords and steer clear of follow-up emails, texts and calls claiming to be from companies and requesting information.

"High profile data breaches can have long-lasting effects on customers including identity theft and financial fraud."

The Australian Government said Thursday it was investigating the claims.

And a US embassy spokesperson told AFP that the FBI has offered assistance to Australian authorities.

Meanwhile, the UK's data watchdog told The Sun that it's not received a data breach report on the matter.

READ MORE SUN STORIES

“Organisations must notify the ICO within 72 hours of becoming aware of a personal data breach, unless it does not pose a risk to people’s rights and freedoms," an ICO spokesperson said.

“If an organisation decides that a breach doesn’t need to be reported they should keep their own record of it, and be able to explain why it wasn’t reported if necessary.”

How to protect yourself from scams

BY keeping these tips in mind, you can avoid getting caught up in a scam:

  • Firstly, remember that if something seems too good to be true, it normally is.
  • Check brands are "verified" on Facebook and Twitter pages - this means the company will have a blue tick on its profile.
  • Look for grammatical and spelling errors; fraudsters are notoriously bad at writing proper English. If you receive a message from a “friend” informing you of a freebie, consider whether it’s written in your friend’s normal style.
  • If you’re invited to click on a URL, hover over the link to see the address it will take you to – does it look genuine?
  • To be on the really safe side, don’t click on unsolicited links in messages, even if they appear to come from a trusted contact.
  • Be careful when opening email attachments too. Fraudsters are increasingly attaching files, usually PDFs or spreadsheets, which contain dangerous malware.
  • If you receive a suspicious message then report it to the company, block the sender and delete it.
  • If you think you've fallen for a scam, report it to Action Fraud on 0300 123 2040 or use its .
Topics