The cybercriminal acting under the name "Sp1d3r" gave away the first 1 million records that are part of the data set that they claimed to have stolen from Ticketmaster/Live Nation. The files were released without a price, for free.
When Malwarebytes Labs first learned about this data breach, it happened to be the first major event that was shared on the resurrected BreachForums, and someone acting under the handle "ShinyHunters" offered the full details (name, address, email, phone) of 560 million customers for sale.
The same data set was offered for sale in an almost identical post on another forum by someone using the handle "SpidermanData." This could be the same person or a member of the ShinyHunters group.
Following this event, Malwarebytes Labs advised readers on how to respond and stay safe. Importantly, even when a breach isn't a "breach"—in that immediate moment when the details have yet to be confirmed and a breach subject is readying its public statements—the very news of the suspected breach can be used by advantageous cybercriminals as a phishing lure.
Later, Ticketmaster confirmed the data breach.
Bleeping Computer spoke to ShinyHunters who said they already had interested buyers. Now, Sp1d3r, who was seen posting earlier about Advance Auto Parts customer data and Truist Bank data, has released 1 million Ticketmaster related data records for free.
Post by Sp1d3r
In a post on BreachForums, Sp1d3r said:
> “Ticketmaster will not respond to request to buy data from us.
>
> They care not for the privacy of 680 million customers, so give you the first 1 million users free.”
The cybercriminals that are active on those forums will jump at the occasion and undoubtedly try to monetize those records. This likely means that innocent users that are included in the first million released records could receive a heavy volume of spam and phishing emails in the coming days.
Protecting yourself after a data breach
There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.
Check your exposure
While matters are still unclear how much information was involved, it’s likely you’ve had other personal information exposed online in previous data breaches. You can check what personal information of yours has been exposed with our Digital Footprint portal. Just enter your email address (it’s best to submit the one you most frequently use) to our free Digital Footprint scan and we’ll give you a report.
We don't just report on threats - we help safeguard your entire digital identity
Cybersecurity risks should never spread beyond a headline. Protect your—and your family's—personal information by using identity protection.