Hackers claimed this week to have obtained barcode data on hundreds of thousands of tickets for Taylor Swift’s Eras tour, demanding that Ticketmaster pay millions in ransom money or they would reveal the information online.
The hacker group posted samples of the data on an online forum — ticket records for Swift’s shows in Indianapolis, Miami and New Orleans — and claimed to have an additional 30 million barcodes for others concerts and high-profile sporting events.
The ransom postings on the online forum were from the hacker group ShinyHunters and an account that appeared to be linked to it called Sp1d3rHunters. The group has a history of claiming responsibility for major hacks against companies including Santander bank, AT&T, Microsoft and others.
Ticketmaster denied offering any money to the hackers, who had not engaged with the company for the reward, according to a statement from Live parent National Entertainment. Ticketmaster also stated that its ticketing technology prevented the use of such leaked barcodes as tickets by refreshing the barcodes every few seconds.
Hopeful Swifties probably won’t be able to attend their icon’s world tour with an illegal ticket. Although the data appeared to be from the large-scale breach of the Ticketmaster and Live Nation hacker group earlier this year, cybersecurity experts who reviewed the leak agreed that the stolen data would not be useful to have access to an arena. The data cannot be used as a ticket because the Ticketmaster mobile app uses dynamic barcodes, experts said, while the data in the hack is static.
“This data is almost certainly not enough to allow someone to recreate a barcode to get in,” said Don Smith, vice president at cybersecurity firm Secureworks. “If you’re running events of the size and scale of the Tour of Era, you’re not going to make it easy for someone to just access a database and then be able to create a fake ticket.”
Despite ShinyHunters’ ability to gain access to Swift’s ticket data, which included ticket information for nine upcoming dates in all three US cities, experts said companies such as Live Nation have more sophisticated measures. to prevent that data from being used to steal. the tickets.
“If it’s thought here that you’re going to create absolute chaos on all the upcoming Eras tour dates, I don’t think so,” Smith said.
The ransom threat to Live Nation is part of a broader increase in cyberattacks and ransomware in recent years. Attacks have targeted large corporations and public institutions, with analysts estimating that victims paid $1.1 billion in ransoms by 2023. The UK’s National Health Service is still reeling from a devastating attack by a Russia-based ransomware gang in June.
Earlier this year, ShinyHunters allegedly breached a third-party contractor to gain access to Ticketmaster data that included the names, partial payment details, phone numbers, ticket sales and other information of about 560 million customers. LiveNation confirmed the hack in a filing with the US Securities and Exchange Commission in May, after ShinyHunters took credit for the attack.
The hack added to Live Nation’s slew of public relations and legal woes. The US Department of Justice sued the company in May, alleging it was illegally monopolizing ticket sales and seeking to break it up. Live Nation also faced widespread backlash for its handling of the Swift Eras tour, with a botched sales process that led to hours-long waits, failure to handle customer demand, and tickets being resold for exorbitant amounts. Swift herself has repeatedly attacked the company.
Swift’s tour has been the target of cyber attacks before. In February, hackers breached Australian events company Ticketek, breaking into individual accounts and reselling Eras tour tickets. The company set up pop-up booths outside Swift’s shows for fans to report their concerns and potentially get their tickets back.
ShinyHunters also claimed responsibility for accessing bank and credit card numbers for around 30 million customers and employees at Santander bank earlier this year. The group tried to sell that information to the highest bidder. In May, the FBI and US Department of Justice seized the online forum ShinyHunters used to post information and ransom threats from his Live Nation and Santander hacks, but another site soon emerged.