A Ticketmaster cyberincident leaves standing room for targeted phishing

What phishers can do when they know you like Phish.

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

If malicious hackers’ claims prove true, an attack against Live Nation Entertainment subsidiary Ticketmaster could lead to very targeted phishing attacks, according to pros who spoke with IT Brew, raising the question:

Could phishers phish Phish fans with phony Phish plans?

  • Ticketmaster’s SEC 8-K filing on May 20 revealed that the company “identified unauthorized activity within a third-party cloud database environment containing Company data.”
  • The filing also revealed that on May 27, “a criminal threat actor offered what it alleged to be Company user data for sale via the dark web.”
  • Cybercrime group ShinyHunters claims to have stolen data from about 560 million Ticketmaster customers, including their full names, addresses, emails, phone numbers, ticket orders, and the last four digits of credit-card numbers, HackRead reported.

It’s already easy for hackers to guess music-related passwords, as IT Brew reported in early 2024.

If ShinyHunters’ claims prove true, however, phishers have a lot to work with—especially knowing a target’s favorite band, Colin Little, security engineer at cybersecurity company Centripetal, told IT Brew.

Ticketmaster has warned of ticket scams in the past, and Little sees new, targeted cons on the rise; with a first and last name and email, for example, a phisher can look up a concertgoer who bought, say, Metallica tickets, and can craft phishing emails around the band. With an email, a thief in search of credit card numbers could offer fake, exclusive concert tickets.

“A lot of old phishing themes will be made slightly, if not much more effective by this data being available,” Little told us.

Erich Kron, security awareness advocate at the risk-management platform KnowBe4, also sees potential for attackers to use stolen Ticketmaster information to validate targets’ trust and steal credentials. One idea Kron considered: an emailed survey request for a given concert, which leads to false login pages that collect usernames and passwords.

Both Kron and Little see the potential targeting of concertgoers or sports fans who have a lot of money to spend.

“If I know that you just shelled out eight grand for you and four of your favorite people to go see Taylor Swift, I’m gonna know that you probably have some disposable income. And so you’re gonna be at the top of my list,” Kron said.

The Better Business Bureau reported an all-time high for phishing reports—a total of over 9,000 in 2023, “more than double the previous year.”

“Every scam starts with a fraudster attempting to reach out to their target, and they use any means possible, whether by phone, text, voicemail, email or even a letter in the mail,” the BBB warned in its report, published on June 6.
