Ticketmaster Breach: What We Know So Far

The company we all love to hate just got breached, and consumers may be the ones who pay the price.

Bree Fowler Senior Writer
Bree Fowler writes about cybersecurity and digital privacy. Before joining CNET she reported for The Associated Press and Consumer Reports. A Michigan native, she's a long-suffering Detroit sports fan, world traveler, two star marathoner and champion baker of over-the-top birthday cakes and all-things sourdough.
Expertise Cybersecurity, Digital Privacy, IoT, Consumer Tech, Running and Fitness Tech, Smartphones, Wearables
Bree Fowler
2 min read
An image of a man holding a phone showing the Live Nation logo in front of the Ticketmaster logo.

Cybercriminals say half a billion people are affected by the Ticketmaster breach.


Like people needed another reason to hate Ticketmaster.

The parent company of the ticket seller that has long roiled consumers around the world for its high fees and scalper-plagued selling system confirmed a breach of its databases and the theft of untold amounts of customer data.

The disclosure, which came in a Security and Exchange Commission filing late on Friday, followed days of questions and speculation stemming from an alleged cybercrime group's bold claim that it had stolen the personal information of 560 million customers.

Where those claims are actually truthful versus a wild exaggeration remains to be seen. But if the theft does turn out to be that massive, it would easily rank as one of the largest data breaches in history in terms of the number of people affected.

To put things in perspective, the US is home to about 333.3 million people, while the population of the entire plant is estimated at 8.1 billion.

Live Nation Entertainment said in its filing that it launched an investigation after detecting unauthorized activity on May 20. It was contacted a week later by someone who threatened to sell the user data on the dark web.

"We are working to mitigate risk to our users and the company and have notified and are cooperating with law enforcement," the company said in its filing, adding that it's also notifying the appropriate regulatory authorities and affected users.

According to the filing, the stolen data is mainly related to Live Nation's Ticketmaster subsidiary and was housed on another company's cloud database. Live Nation didn't say how many customers were affected or specifically how much or what kind of information was compromised.

The company didn't immediately respond to an email from CNET seeking additional comment and information.

ShinyHunters, the group claiming responsibility, says the stolen data includes names, addresses, phone numbers and partial credit card details from Ticketmaster customers around the world. The group is reportedly demanding a $500,000 ransom payment to prevent the data from being sold to other parties.

The breach and the claims come at a time when Live Nation is already facing renewed outrage from government officials and consumer advocates who charge that the company unfairly dominates the live events industry and needs to be broken up.

A federal lawsuit filed May 23 by the Department of Justice, 29 states and Washington, DC, claims that the company has gotten so big that it has a de facto monopoly, allowing it to bilk its customers with sky-high ticket prices and fees.

Live Nation disagrees and says the lawsuit doesn't address the core issue of scalpers buying up tickets to popular events, then selling them on the secondary market for two or three times their face value. It adds that its market share has fallen in recent years and argues that ticket prices won't fall even if the company is broken up.