In a significant revelation, entertainment giant Live Nation has confirmed that its ticketing subsidiary, Ticketmaster, has been compromised by a cyberattack, leading to the theft of personal information.
Live Nation disclosed the data breach in a regulatory filing late on Friday, after the markets closed. The company reported that the breach occurred on May 20, following a cybercriminal’s offer to sell what was alleged to be Live Nation user data via the dark web. Although the exact nature of the data stolen remains unspecified, it is strongly suspected to involve customer information.
In its statement, Live Nation revealed that unauthorized activity was identified within a third-party cloud database environment containing company data. The specific third-party cloud provider was not disclosed. However, a spokesperson from Ticketmaster disclosed to TechCrunch that the compromised database was hosted on Snowflake, a cloud storage and analytics firm based in Boston.
The spokesperson from Ticketmaster did not elaborate on how the data was stolen from Snowflake's systems. Snowflake mentioned in a post on Friday that a limited number of customers believed to be impacted by attacks targeting their accounts were notified. However, Snowflake did not detail the nature of the attacks or whether data was stolen from customer accounts. Snowflake spokesperson Danica Stanczak declined to comment on the nature of Ticketmaster's data breach.
Additionally, infrastructure from Amazon Web Services (AWS) also hosts substantial parts of Live Nation and Ticketmaster's operations, according to a customer case study on Amazon's website that has since been removed.
Earlier this week, the administrator of a newly revived popular cybercrime forum known as BreachForums claimed to be selling personal information of as many as 560 million customers, including Ticketmaster customers. The compromised data allegedly consists of ticket sales and customer card information.
Up until this latest announcement, Live Nation had remained silent about the data breach. It had been reported earlier in the week that Australian authorities were assisting Live Nation with a cybersecurity incident, while the U.S. Cybersecurity and Infrastructure Security Agency (CISA) deferred comment to Live Nation.
TechCrunch also obtained a portion of the allegedly stolen data, confirming its authenticity. This data contained thousands of records, including email addresses—some of which were internal Ticketmaster email addresses used for testing—that were verified as real Ticketmaster accounts through the platform's sign-up form.
Earlier in May, the Department of Justice, along with 30 attorneys general, pursued legal action against Live Nation to dismantle the ticketing conglomerate, citing monopolistic practices.
This breach consolidates growing concerns over data security for platforms handling vast amounts of user information. With the surge in cyberattacks, robust cybersecurity measures are imperative. Platforms like AppMaster emphasize the importance of securing user data, a practice becoming ever more critical in the digital age.
For more on securing applications, read How to Reduce Software Development Costs or explore comprehensive guides like No-Code/Low-Code App Development.
