Live Nation says the incident has not had an impact on business operations.
Ticketmaster has issued a regulatory notice to the US Securities And Exchange Commission (SEC) about an investigation into a suspected data breach.
In the notification, Ticketmaster’s parent Live Nation Entertainment said it “identified unauthorized activity within a third-party cloud database environment containing Company data” on May 20th, and “launched an investigation with industry-leading forensic investigators to understand what happened.”
A week later, “a criminal threat actor offered what it alleged to be Company user data for sale via the dark web.”
Attackers - known as ShinyHunters - have claimed responsibility for stealing the personal details of 560 million Ticketmaster customers and have reportedly demanded a $500,000 (£400,000) ransom payment to prevent the data from being sold to other parties.
Live Nation said it is working to mitigate risk to its users and the company, has notified and is cooperating with law enforcement, and notifying regulatory authorities and users with respect to unauthorized access to personal information.
“As of the date of this filing, the incident has not had, and we do not believe it is reasonably likely to have, a material impact on our overall business operations or on our financial condition or results of operations,” it concluded.
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
