Ticketmaster Hack Group Claims Access to Millions of Taylor Swift Tickets

The ShinyHunters hacker group allegedly behind the Ticketmaster data breach has claimed it has access to billions of dollars worth of tickets, including some 440,000 for Taylor Swift shows. This information comes from a posting on “the infamous cybercrime and hacker platform” Breach Forums, according to a report on HackRead.com.

If proven out, the account access achieved in the breach is significantly deeper than Ticketmaster has told consumers in the wake of the hack, which took place between April and May and discovered in late May.

“To celebrate the 4th of July we present to you 440k Taylor Swift Eras game tickets, and instead of her tour she’s performing in front of congress,” reads the forum posting from Thursday by ShinyHunters, according to a screenshot shared by HackRead.

According to the post, the group claims it has access to a total of 193 million barcodes, including close to half a million for upcoming Taylor Swift Eras Tour shows. The total value they associate with the barcode details is $22 billion, saying that is associated with a “face value” figure for the tickets. As a result, the ransom demand of Ticketmaster/Live Nation has been upped to $8 million from a previous figure of $1 million, or the data could be sold to the highest bidder.

The stolen data reportedly includes

• 980 million sales orders
• 680 million orders detail
• 1.2 billion party lookup records
• 440 million unique email addresses
• 4 million uncased and deduped records
• 560 million AVS (Address Verification System) detail records
• 400 million encrypted credit card details with partial information

It should be noted that this information is not confirmed as accurate, though previous information shared by the ShinyHunters group has proven out in this incident. It is true that order information available within user accounts on the Ticketmaster system does include barcodes for tickets held in that account. What is unclear is if this data security incident saw access to that level of depth on individual accounts.

Ticket News has requested comment on this latest report from Ticketmaster and its parent Live Nation as of early Friday, but we have not yet received a response.

It was just last week that Ticketmaster began contacting users it says were impacted by the hacking incident.

“Ticketmaster recently discovered that an unauthorized third party obtained information from a cloud database hosted by a third-party data services provider,” reads the email received by impacted consumers, in part. “Based on our investigation, we determined that the unauthorized activity occurred between April 2, 2024 and May 18, 2024. On May 23, 2024, we determined that some of your personal information may have been affected by the incident. We have not seen any additional unauthorized activity in the cloud database wince we began our investigation.”

In the notification, it does not indicate that users should have any concern for ongoing account security issues or take any security actions. It says the opposite, in fact – “Your Ticketmaster account remains secure,” reads the bold text on the Ticketmaster Data Security Incident page on its website. “Customers can conduct business with Ticketmaster as normal and without issue.”

“Our comprehensive investigation – alongside leading cybersecurity experts and relevant authorities – has shown that there has been no more unauthorized activity.”

Consumers who received notification that their accounts were involved in the incident have been offered a free year of credit monitoring, but otherwise instructed to carry on. We have not seen any reports of consumers saying that tickets are gone from their accounts or anything of that nature related to this incident to date.

We will update this story with any further information as it is received.