TEG’s Australian ticketing giant Ticketek announced last month that user account information had been compromised in a major data breach. Now, a hacker claims to have stolen the information of 30 million TEG users.
The unnamed hacker — who is believed to be associated with the hacking group ShinyHunters — posted a thread on the underground relaunched BreachForums portal, offering to sell personally identifiable information of 30 million TEG customers. This information included people’s full names, genders, and birth dates, as well as usernames, hashed passwords, and email addresses for their TEG accounts.
According to the thread, this database is linked to the breach that happened around a month ago at Ticketek, and the publication is suspecting the incident might be connected to the recent Snowflake breaches. In May, Ticketek reported a data breach, noting that information was stored “in a cloud-based platform, hosted by a reputable, global third party supplier.” At the time, TEG said that no customer accounts had been compromised, only “customer names, dates of birth, and email addresses may be impacted.”
TEG has not commented on the reports at this time.
This follows Ticketmaster’s data breach in May, which was also linked to the cloud database platform Snowflake. ShinyHunters posted on the same forum last month, claiming that it accessed some 1.3 terabytes of data, which includes names, addresses, credit card numbers, phone numbers, and payment details, involving 560 million customers globally.
In a statement on X, VX-Underground said ShinyHunters did not carry out the attack itself, but rather, acted as a proxy for the threat group responsible. VX-Underground went on to note that based on the data provided to them by the threat group, “we can assert with a high degree of confidence the data is legitimate.” The date ranges in the database reportedly go back to 2011, with some dates showing information from the mid-2000s.
In an SEC filing, shared on Friday, May 31, Live Nation said it identified unauthorized activity on May 20, 2024, and subsequently, launched an investigation. Following the news, a class action lawsuit was filed in California, claiming the data breach was a direct result of Live Nation and Ticketmaster’s failure to implement “adequate and reasonable” cybersecurity procedures and protocols.