Live Nation, the entertainment giant, has confirmed that its ticketing subsidiary, Ticketmaster, has experienced a data breach. The company made the announcement in a filing with government regulators after the markets closed on Friday. According to Live Nation, unauthorized activity was detected in a third-party cloud database environment that contained company data. The specific third-party cloud provider was not named, but it is known that Amazon Web Services hosts a significant portion of Live Nation and Ticketmaster’s infrastructure.
The breach itself occurred on May 20, and on May 27, a cybercriminal offered what they claimed to be company user data for sale on the dark web. The exact details of the personal information involved have not been disclosed, but it is believed to relate to customers. Live Nation has not publicly disclosed why it took more than a week to announce the breach.
The alleged data breach came to light earlier this week when the administrator of a revived cybercrime forum claimed to be selling the personal information of 560 million customers, including Ticketmaster customers’ details and ticket sales and customer card information.
Prior to this announcement, Live Nation had not commented on the alleged breach. Australian authorities had confirmed earlier in the week that they were assisting Live Nation with a cybersecurity incident. The U.S. cybersecurity agency, CISA, deferred comment to Live Nation.
TechCrunch managed to obtain a portion of the allegedly stolen data containing tens of thousands of records. Through verification checks, TechCrunch confirmed that the records belonged to Ticketmaster customers.
This incident follows recent legal action against Live Nation by the Department of Justice and 30 attorneys general who sued the company, accusing it of engaging in monopolistic practices within the ticketing industry.
As the situation develops, more information is expected to emerge regarding the extent of the breach and its impact on Ticketmaster customers. It serves as a reminder of the importance of robust cybersecurity measures and the need for companies to be transparent and proactive in their handling of data breaches.