Ticketmaster is a household name for buying tickets to concerts and live performances. But lately, they’ve been making headlines, and not for good reasons. First, it was the Taylor Swift controversy last year, when their systems were overwhelmed by millions of fans trying to purchase tickets, leading to website crashes, long wait times, widespread frustration among fans, and a recent DOJ lawsuit against its owner, Live Nation.
And now, the company is in the news again for a massive data leak, which has impacted half a billion of its consumers. Here’s what you need to know about the Ticketmaster breach and how to keep yourself safe from other major corporate breaches in the future.
GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE
What happened in the Ticketmaster breach?
Recently, the U.S. Justice Department filed an antitrust lawsuit against Ticketmaster, aiming to dismantle the monopoly its parent company, Live Nation Entertainment, allegedly holds over the live music industry. But, this was just the start. Amid this legal turmoil, an Australian Home Affairs Department was allegedly the first to detect a new cyber incident.
A cyber breach hacker group known as ShinyHunters has claimed responsibility for stealing information including full names, addresses, phone numbers, and even payment data of over 500 million customers. Not only this, but they are also reportedly selling this 1.3-terabyte cache of data on a popular hacking forum. This group was also responsible for a breach against Mashable back in 2020.
OVER HALF A MILLION ROKU ACCOUNTS COMPROMISED IN SECOND CYBER SECURITY BREACH
What is Ticketmaster doing about it?
As of now, Ticketmaster has not provided specific details on how they are addressing this particular breach. This may not be a huge surprise to past Ticketmaster customers, though, who may feel as though the company isn’t the most transparent.
I also contacted the director of media relations at Live Nation for a response, but as of publishing this story, I have not heard back.
Not only did they not issue a statement at the time of publishing, as we requested, but even ShinyHunters attempted to reach out to them following their admission of the cyber attack, with no response.
While it may be a bit too early to tell. Historically, in response to cybersecurity incidents, companies typically:
- Investigate the breach: Conduct a thorough investigation to understand how the breach occurred and what data was affected.
- Enhance security measures: Implement stronger security protocols to prevent future breaches.
- Notify affected customers: Inform customers whose data was compromised and provide guidance on steps they can take to protect themselves.
- Collaborate with authorities: Work with law enforcement and cybersecurity experts to track down the perpetrators and prevent further incidents.
- Offer support services: Provide resources such as credit monitoring services to help affected customers safeguard their personal information.
Ticketmaster’s specific response and any additional measures they may take will likely be communicated through their official channels in the coming days.
How to know if I was impacted by the breach
With half a billion people impacted by this breach – and, without Ticketmaster doing much about it yet – you might be wondering whether or not your information was in there. Though it may be hard to know for sure if you were impacted, here are some ways to check, which doesn’t hurt to do no regardless as there are breaches that happen everyday:
1) Check for notifications: Keep an eye out for any official communication from Ticketmaster, which should inform you if your data was compromised.
2) Monitor your accounts: Look for unusual activity in your bank and credit card accounts. Pay close attention to any unfamiliar transactions.
3) Review emails: Watch for emails regarding password changes, account updates, or login attempts that you did not initiate.
How to protect yourself from similar data breaches in the future
To safeguard yourself from similar data breaches, consider the following cybersecurity practices:
Use strong, unique passwords: Create complex and unique passwords for each of your accounts. A password manager can help you keep track of them. Consider using a password manager to generate and store complex passwords.
Enable 2FA: Add an extra layer of security to your accounts by enabling 2FA whenever possible.
Monitor your accounts regularly: Check your bank statements, credit reports, and online accounts frequently for any signs of suspicious activity.
Be cautious with your personal information: Share your personal information only with trusted sources and be mindful of what you share online.
Invest in data removal services: While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time.
A service like Incogni can help you remove all this personal information from the internet. It has a very clean interface and will scan 195 websites for your information and remove it and keep it removed.
Special for CyberGuy Readers (60% off): Incogni offers A 30-day money-back guarantee and then charges a special CyberGuy discount only through the links in this article of $6.49/month for one person (billed annually) or $13.19/month for your family (up to 4 people) on their annual plan and get a fully automated data removal service, including recurring removal from 175+ data brokers. I recommend the family plan because it works out to only $4.12 per person per month for year-round coverage. It’s an excellent service, and I highly recommend at least trying it out to see what it’s all about.
Check out my top picks for removal services here.
Best services for removing your personal information from the Internet
Freeze your credit: Consider placing a freeze on your credit reports to prevent new accounts from being opened in your name without your consent if you learn you are a victim of identity theft.
File a report with the Federal Trade Commission: If you suspect identity theft or fraud, file a report with the FTC.
Use an identity theft protection service: Identity Theft companies can monitor personal information like your Social Security Number (SSN), phone number, and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
My top recommendation is Identity Guard. One of the best parts of using Identity Guard is that they might include identity theft insurance of up to 1 million dollars to cover losses and legal fees and a white glove fraud resolution team where a US-based case manager helps you recover any losses.
CyberGuy’s Exclusive Offer: Get the Identity Guard Ultra protection to protect your identity and credit through tax season and beyond for as little as $9.99/mo (lowest offered anywhere) for the first year.
See my tips and best picks on how to protect yourself from identity theft.
Update your software: Keep your software, including antivirus and anti-malware programs, up-to-date to protect against the latest security threats.
Stay vigilant against phishing attempts: Be cautious of unsolicited communications asking for your personal information or directing you to a web page asking for personal data. The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams.
My top pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.
MASSIVE DELL DATA BREACH HITS 49 MILLION USERS – WHAT THIS MEANS FOR YOUR PRIVACY AND SECURITY
Kurt’s key takeaways
Ticketmaster is not the first major company to have a data breach this year, and it’s likely not the last. But, due to the fact that Ticketmaster has disappointed many of their customers already, this might be the last straw for millions of them. Many people are already turning to other ticket sites like Eventify, Eventbrite, and StubHub instead. This is a good start, but when it comes to your data, no company is 100% safe. This is why it’s critical that you take security precautions into your own hands as much as possible.
Do you buy tickets from Ticketmaster? Will you reconsider buying from them now following this breach? Let us know in the comments below.
FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE
Copyright 2024 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.
3 comments
If I have a Ticketmaster account that I have used to purchase in the last 12 months, but I do not save my payment information in my account, do the hackers have a way to get to it?
Hi Renee, if you have used your Ticketmaster account to make purchases but have not saved your payment information, it is less likely that hackers could access your payment details directly through your Ticketmaster account. However, it’s important to note that no system is entirely foolproof. Ticketmaster’s data breach could potentially expose any information that is stored on their servers, including personal details and any payment information that is currently saved. To enhance your security, it’s a good practice to regularly update your passwords and monitor your accounts for any unauthorized activity.
For additional peace of mind, you may want to check the security settings on your Ticketmaster account and ensure that you have all the necessary measures in place, such as two-factor authentication, which can provide an extra layer of protection. Follow our tips in our article above on steps to take and monitor your accounts.
My wife and myself purchased two tickets for Eagles and Steely Dan in Phoenix. Four days before the show we came down with Covid. TM offered to buy the tickets back but at a discounted price of $408! As that was our only option we agreed and did all the required online paperwork that they asked for. I have a quote from their chat that we would be getting the money in a week or up to a month. We never received it and we were told that they have no record of the buy back. I filed a dispute with Discover card but they were no help. I wonder what the date of the breach was and if it impacted this theft of our refund?