A hacker hijacked an event-ticketing company. Ticketfly data breach exposed the customer database. Moreover, it stole more than 26 million customers.
What happened to the website? And what can we learn from this incident?
Ticketfly Data Breach
Ticketfly confirmed the breach on June 7, 2019. It was one week after it occurred, which was May 30. During seven days, it exposed 27 million accounts.
A hacker took control of the site. He also defaced it by posting a picture of Vendetta.
He also stated the following message on the site’s homepage:
“Ticketfly HacKeD By IsHaKdZ, Your Security Down im Not Sorry. Next time I will publish database ‘backstage.’”
Moreover, the hacker claimed that he already warned Ticketlfy about their site’s vulnerability.
So, he asked for one BTCUSD (Bitcoin USD) in exchange for a fix. At that time, it costs around $7,500. He added that he will only give the database back once paid.
But, Ticketfly did not give the ransom. So, the hacker posted the user data online.
Additionally, he posted the database of Ticketfly’s customers and employees. He even shares it with a media outlet.
Leaked data
The breach leaked the following information:
- names of the users
- phone numbers
- physical addresses
- email addresses
Fortunately, no credit and debit cards were included in the leak.
Ticketfly’s action
As a security defense, Ticketfly went offline. They also posted a message to their clients. They said that their site had been a target of a data breach.
Moreover, they worked with the best forensic and security experts. They assisted the company in their investigation.
The site only reactivated its website about a week after the attack. They also slowly put the aspects back to the site.
Also, the FBI filed a federal extortion charge against the hacker. They exposed the hacker’s name: Moulak O. Ishak.
The charge gives a maximum penalty of three years. And also a $250,000 fine.
The damage
Because of the Ticketfly data breach, promoters and venues experienced inconvenience. Most of them relied on e-tickets from the site.
Besides, it inconvenienced the customers of the events. Because of the shutdown, events asked their attendees to print their tickets. An art venue also had to sell their tickets outside the venue.
‘Breach is not that terrible’
An expert said that the breach is not that terrible. Unlike any other breaches, the hacker did not steal the passwords.
This is the primary fear for the victims of a data breach. Those who stole their passwords can steal their identity, too. Worse, they can access their bank accounts.
However, Troy Hunt from Have I Been Pwned? said that we should not worry about that case in the Ticketfly data breach. As the database did not contain passwords.
Still, hackers can use the stolen details. They can send phishing emails or malware in attachments.
What you can do now
Ticketfly forced all users to change their password. Also, if you used the passwords to other sites, you should change it, too.
They also advise everyone to make a strong password for every account. It can be easy to do this with the help of a password manager.
Also, since the emails were stolen, be careful of any unwanted emails. Especially those that seem too good to be true offers.