July 10th — As part of a continuous cyber extortion campaign, cyber criminals have leaked nearly 39,000 print-at-home tickets for 150 upcoming concerts and events, including Pearl Jam, the Red Hot Chili Peppers, Bruce Springsteen, Carrie Underwood, Aerosmith, Phish, Tate McCrae and the Foo Fighters.
What happened
In April, cyber criminals downloaded Snowflake databases that belonged to more than 165 organizations – all via the use of info-stealing malware.
In May, a cyber criminal group began to sell the data – some of which belonged to 560 million Ticketmaster customers – and claimed that the data came from Snowflake, a claim that Ticketmaster substantiated at a later point in time.
Several weeks ago, the same cyber criminals leaked more than 160,000 Taylor Swift ticket barcodes. They demanded a $2 million ransom in order to cease their activities, but it’s unclear as to whether ransom demands were met.
The response
Ticketmaster noted that the data stolen by hackers is useless, as the company’s anti-fraud measures involve rotation of data, providing unique mobile barcodes to ticket holders.
“Ticketmaster’s SafeTix technology protects tickets by automatically refreshing a new and unique barcode every few seconds so it cannot be stolen or copied,” Ticketmaster explained to the press.
More news
This week, a cyber criminal responded to Ticketmaster’s statement, noting that numerous print-at-home tickets were stolen and that the barcodes cannot be rotated.
“Ticketmaster lies to the public and says barcodes can not be used. Tickets database includes both online and physical ticket types,” wrote the criminal perpetrator in an online message.
“Physical ticket types are Ticketfast, e-ticket, and mail. These are printed and can not be automatically refreshed.”
The same group of cyber criminals has previously attempted to extort other companies whose Snowflake data was stolen.
For more on this story, click here. Lastly, to receive cyber security thought leadership articles, groundbreaking research and emerging threat analyses each week, subscribe to the CyberTalk.org newsletter.