Sensitive Data on Ticketfly’s 26 Million Customers Has Been Leaked

Ticketfly's front door, morning of Wednesday, June 6th.
  • Save

Ticketfly's front door, morning of Wednesday, June 6th.
  • Save
Ticketfly’s front door, morning of Wednesday, June 6th.

The shutdown of Ticketfly last Thursday was caused by a “cyber incident” that remains unresolved.

Ticketing service Ticketfly is still offline following a massive breach from last Thursday.  Now, it looks like the hack has compromised the names, addresses, emails, phone numbers, and even credit card details of more than 26 million customers.

According to reports, a hacker using the handle ‘IsHaKdZ’ replaced the website’s homepage with an image of the character V from the 2005 film “V for Vendetta.”  If you’re not familiar with the character, V is a British anarchist who wears a Guy Fawkes mask.  V stirred up the submissive population to go against the fascist government in a fictional portrayal.

The hacker had a message under his image saying: “Your Security Down im Not Sorry. Next time I will publish database ‘backstage.’”

A Hacker Breaks Into a North Korean Radio Station — Then Starts Trolling

According to Have I Been Pwned?, an independent website that tracks data breaches, this data breach has affected more than 26 million Ticketfly users. Engadget has reported that customer data was uploaded onto a public server.  The head of Have I Been Pwned?, Troy Hunt, told Engadget that emails and other data have been leaked — but credit card details and passwords have been spared.  At least for now.

Eventbrite, the parent company of Ticketfly, confirmed that the breach has leaked users’ personal information.  The breach has also disrupted services at numerous live music venues (with some switching to mainline Eventbrite).

Ticketfly has offered another statement on the matter.

In a statement released to the Washington Post by Eventbrite, an investigation regarding the breach continues.  Unfortunately, Eventbrite is confirming that “some customer information has been compromised as part of the incident, including names, addresses, emails, and phone numbers of Ticketfly fans.”

“We understand the importance our customers’ place on the privacy and security of their data and we deeply regret any unauthorized access to it,” the statement continues. “This is an ongoing investigation and we will continue to provide updates as appropriate.”

“We hope this will be resolved at the soonest possible time. This is a headache for both the company and thousands of its users.”

Eventbrite purchased Ticketfly from Pandora last year for $200 million.  That was less than 50% of Pandora’s original purchase price.