We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

TicketMaster Data Breach: Data of 560 Million Users for Sale

TicketMaster Data Breach: Data of 560 Million Users for Sale
Author Image Hendrik Human
Hendrik Human Published on 31st May 2024 Cybersecurity Researcher

ShinyHunters, a notorious hacking group, is selling 1.3TB of data it claims to have been stolen from Ticketmaster. The dump contains the personal information and payment data of 560 million users and is up for sale on BreachForums for $500,000.

In a post on X, vx-underground, an educational website covering malware and cybersecurity, claims to have spoken to some of the threat actors involved in the breach. These talks allegedly revealed that an unidentified hacking group managed to access TicketMaster’s AWS instance by pivoting from a Managed Service Provider sometime in April. It was also uncovered that ShinyHunters is only acting as a proxy for this threat group to auction the data but was not involved in the compromise themselves.

vx-underground also stated that they believe “with a high degree of confidence the data is legitimate,” based on information provided by the threat group. However, they admit that the data is “absurdly large,” making it difficult to verify with absolute certainty. vx-underground is also unable to verify financial information, although the stolen PII looks authentic.

The majority of information appears to span transactions from 2012 to 2024, although some dates appear from the mid-2000’s. According to vx-underground, the compromised information includes:

  • Full names
  • Email addresses
  • Physical addresses
  • Telephone numbers
  • Hashed credit card numbers
  • Credit card information (type, authentication, etc.)
  • All user financial transactions

BleepingComputer also spoke to ShinyHunters. According to them, the hacker group revealed that “there are interested buyers in the data” and that they believe Ticketmaster themselves might be willing to buy the data back.

Also, according to BleepingComputer, Ticketmaster are yet to reply to their request for a comment on the situation. In addition, the FBI declined to comment when BleepingComputer asked if they are working with Ticketmaster to investigate the incident.

BreachForums, where the data is being auctioned, is one of the most notorious extortion sites. The FBI shut it down twice, once in 2023 and again on 15 May 2024. However, ShinyHunters managed to get back control of the domain and relaunch the site, seemingly just in time to facilitate the auction of this massive data leak.

This is not the first time that Ticketmaster has been a victim of a data breach. In 2019, vpnMentor researchers found that data from Ticketmaster was found in a breach database containing 17 million records and 1.2TB of data.

About the Author

Hendrik is a writer at vpnMentor, specializing in VPN comparisons and user guides. With 5+ years of experience as a tech and cybersecurity writer, plus a background in corporate IT, he brings a variety of perspectives to test VPN services and analyze how they address the needs of different users.