Personal information, including email and home addresses, was reportedly stolen.
Four days after being hacked, Ticketfly's website is still down.
Last week, the online ticketing service was "the target of a cyber incident," in which a hacker stole users' personal information and posted some of it online. The hacker also left a message on the service's website reading: "Your security down, I'm not sorry. Next time I will publish database."
Troy Hunt, who runs hack monitoring site "Have I Been Pwned?", said the database files contained more than 26 million unique email addresses, a figure that was earlier reported by Motherboard. The databases included home and billing addresses, as well as phone numbers for most users. The data didn't include credit card numbers or passwords.
"Some customer information has been compromised as part of the incident, including names, addresses, emails, and phone numbers of Ticketfly fans," a company representative said. Ticketfly consulted third-party forensic and cybersecurity experts to make the determination, the representative said.
"We understand the importance our customers place on the privacy and security of their data and we deeply regret any unauthorized access to it. This is an ongoing investigation and we will continue to provide updates as appropriate."
Ticketfly also posted an FAQ page on the cyber incident.
Separately, Eventbrite, which owns Ticketfly, appeared to be operating normally. Eventbrite bought TicketFly from Pandora for $200 million in 2017. Pandora had purchased Ticketfly for $450 million in 2015.
Other companies have also been targeted by hackers taking advantage of cybersecurity vulnerabilities. TaskRabbit temporarily shut down its app in April as it investigated a security breach and recommended that users change their passwords.