Ticketmaster has alerted its North American customers to take precautionary measures following a significant cyberattack in May. Overnight emails sent to Canadian users urged vigilance against identity theft and fraud.
The breach, affecting 560 million customers worldwide, saw hackers steal personal details which are now being sold online. Despite repeated requests, Ticketmaster has not commented on the delay in notifying customers, attributing it to ongoing police investigations.
The hackers, known as ShinyHunters, reportedly infiltrated Ticketmaster by stealing login details from its cloud storage provider, Snowflake, affecting over 160 other clients, including Santander, whose 30 million customers in Chile, Spain, and Uruguay were also compromised.
In the wake of the breach, Ticketmaster advises monitoring bank statements and signing up for company-provided identity monitoring services. The company cautions users to be wary of phishing emails that might exploit the stolen data.
The wider hack has exposed vulnerabilities in cloud storage security, with ShinyHunters demanding $500,000 for the stolen data. Cybersecurity firm Mandiant confirmed that Snowflake itself was not breached, but login credentials were obtained directly from each client.
Despite the scale of the breach, Ticketmaster’s parent company Live Nation has downplayed its impact on business in filings with the US Securities and Exchange Commission.
