The cybercriminals who claimed responsibility for the Ticketmaster data breach say they’ve stolen 440,000 tickets for Taylor Swift’s Eras Tour.
As proof, an entity using the handle Sp1d3rHunters, a merger of Sp1d3r and ShinyHunters who are both aliases associated with the breach, leaked 170k barcodes for free for Taylor Swift’s ERAS Tour.
In a post on the infamous stolen data site BreachForums, Sp1d3rHunters is offering many thousands of tickets for upcoming Taylor Swift concerts in three cities in the US: Miami, New Orleans, and Indianapolis.
The post includes a link to a free tutorial on how to make your own printable barcode tickets.
It also includes a threat to Ticketmaster:
“Pay us $2million USD or we leak all 680M of your users information and 30million more event barcodes including:
more Taylor Swift events, P!nk, Sting, Sporting events F1 Formula Racing, MLB, NFL and thousands more events.”
This is the second release of data from the breach, after the cybercriminals–then posting under the name Sp1d3r–gave away one million records including full details (name, address, email, and phone) of Ticketmaster customers.
For Ticketmaster, the release of free Taylor Swift tickets could turn out to be a costly affair. It’s not just the value of the tickets that’s at stake. The company will also need to reissue the tickets to their rightful owners, as well as no doubt deal with more than the expected number of visitors to those concerts, leading to the need to employ extra security staff. All that and we’ve not yet touched on the reputational damage, which already is substantial but is likely to grow even more.
Even though it may be tempting, we would advise against trying to use these “free tickets.” Given the timeframe until the events, Ticketmaster should have enough time and opportunity to invalidate the stolen tickets, and you are likely to receive exactly what you paid for: nothing.
Swifties should also be wary of phishing attempts that will undoubtedly try to capitalize on the news that “free tickets” are available.
Check your exposure
While matters are still unclear how much information was involved, it’s likely you’ve had other personal information exposed online in previous data breaches. You can check what personal information of yours has been exposed with our Digital Footprint portal. Just enter your email address (it’s best to submit the one you most frequently use) to our free Digital Footprint scan and we’ll give you a report.
We don’t just report on threats – we help safeguard your entire digital identity
Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.