The FBI has indicted the Ticketfly hacker responsible for the 2018 hack that compromised 27 million accounts.
The Ticketfly website went down in May 2018 with a short message. “Following a series of recent issues with Ticketfly properties, we’ve determined that Ticketfly has been the target of a cyber incident,” the page read.
Eventbrite owned the platform at the time and took all Ticketfly systems offline. Ticketfly later said that no credit or debit card information was taken in the hack. However, personal information for around 27 million Ticketfly accounts was a target in the hack.
Motherboard claims to have spoken with the hacker – who went by the handle, IsHaKdZ. He told the site he had warned Ticketfly of a vulnerability that gave him access to the site’s entire database. He says he offered to explain the vulnerability in exchange for one bitcoin.
The man behind the Ticketfly hacker handle is Moulay O Ishak. He is facing criminal charges for extortion.
Legal paperwork filed by the FBI earlier this month reveals the sentence he could be facing. The maximum penalty for digital extortion is three years in jail and a $250,000 fine. The FBI court paperwork says for five days; the defendant attempted to extort Ticketfly.
“The defendant, with intent to extort from Ticketfly money and other things of value, transmitted in interstate and foreign commerce a communication containing a demand and request for money and other things of value in relation to damage to a protected computer.”
Eventbrite issued a statement on the filing, saying they’re happy to see the pursuit of justice.
“We’re pleased to see that the alleged perpetrator of the malicious attack on Ticketfly that occurred in 2018 has been identified and indicted,” the statement reads. “We appreciate the efforts of the FBI and the United States Attorney’s Office in their continued pursuit of justice and for seeking closure for all involved.”