Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

Have I Been Pwned reveals more than 17m people were impacted by Ticketek data breach

Subscribers to an Australian security researcher’s data breach monitoring site received emails today warning of the full extent of the breach.

user icon David Hollingworth
Fri, 28 Jun 2024
Have I Been Pwned reveals more than 17m people were impacted by Ticketek data breach
expand image

A raft of subscribers to Have I Been Pwned received an email today, 28 June, warning them that their data had been compromised in the late May Ticketek hack.

And while Ticketek has remained quiet about just how many of its customers were impacted, according to the email, the number is a staggering 17,643,173 individuals.

“You’re one of 17,643,173 people pwned in the Ticketek data breach,” the email header said.

============
============

“In May 2024, the Australian event ticketing company Ticketek reported a data breach linked to a third-party cloud-based platform,” the email said in the body.

“The following month, the data appeared for sale on a popular hacking forum and was later linked to a series of breaches of the Snowflake cloud storage service. The data contained almost 30M rows with 17.6M unique email addresses alongside names, genders, dates of birth and hashed passwords.”

The Have I Been Pwned notification is remarkable for a couple of reasons.

Firstly, the emails that Ticketek initially sent customers on 1 June said: “The available evidence at this time indicates that, from a privacy perspective, your name, date of birth and email address may have been impacted.”

Ticketek noted that it used secure encryption to store its passwords, but the company did not disclose that passwords had been accessed – which now appears to be the case.

Also of concern is that this journalist had not received an initial notification from Ticketek but was notified at midday today that their data was impacted. At this stage, it is unknown if any other Ticketek customers are only now learning their data has been impacted.

Ticketek declined to comment on any possible discrepancy.

The threat actor Sp1d3r – responsible for several other Snowflake-related hacks – began posting the Ticketek data on 20 June, the same day it offered Ticketmaster data for sale. At the time, Sp1d3r claimed to have the personal information of 30 million customers, including passwords and purchasing data.


UPDATED 28/06/24 to confirm Ticketek's response.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.