Customers instructed to enroll to safety service | EUROtoday

Get real time updates directly on you device, subscribe now.

By Joe Tidy, Cyber correspondent

Getty Images A crowd dancing at a concertGetty Images

Ticketmaster is a part of one of many largest occasions firm on this planet

Ticketmaster prospects in North America have been despatched emails warning them to take motion after the corporate was hacked in May.

Emails had been despatched in a single day to Canadian prospects, urging them to “be vigilant and take steps to protect against identity theft and fraud.”

The company has not commented on the notification process – however similar emails have reportedly been sent to victims in the US and Mexico.

The personal details of 560 million Ticketmaster customers worldwide were stolen in the hack – with cyber criminals then attempting to sell that information online.

Ticketmaster has not responded to the BBC asking it why it has taken so long to warn customers of the risks they face.

But, in one email seen by the BBC, Ticketmaster says it was not able to notify them sooner due to ongoing police investigations.

Previous news of the breach came from the hackers themselves, followed by a notice from Ticketmaster to its shareholders.

Ticketmaster confirmed that hackers had stolen names and basic contact details, without specifying which types of information had been obtained.

Hackers also stole encrypted credit card details, but the company has not responded to a BBC request for more information on how secure that encryption is.

Identity monitoring

According to the email seen by the BBC, the firm is urging customers to monitor their online accounts, including bank account statements, for any suspicious activity.

The company advises Canadian customers to sign up for identity monitoring services, which Ticketmaster is paying for.

“Identity monitoring will look out for your personal data on the dark web and provide you with alerts for 1 year from the date of enrolment if your personally identifiable information is found online,” the corporate mentioned.

Ticketmaster suggests people watch out for any suspicious-looking emails that look like they are from the company.

When a data breach happens it can sometimes lead to secondary hacking or fraud attempts by other criminals who use your details to trick you into sending them money or downloading malicious software.

However, that is rare and there is little evidence that this happens at scale.

Wider hack

The group responsible for the Ticketmaster hack is called ShinyHunters – it posted an advert on a hacking forum on 28th May offering the data of 560m customers.

The gang is asking for $500,000 (£390,000) for the data and it is not clear if they have sold the tranche.

After days of investigation, it was revealed that the hackers had taken data from Ticketmaster by stealing login details from Snowflake, the company it uses for its cloud storage account.

It then emerged that more 160 other Snowflake clients had been targeted in the same way – with huge amounts of private and corporate data being stolen.

Banking group Santander is one of those affected – 30m of its customers in Chile, Spain and Uruguay were hacked.

Cyber security firm Mandiant – which investigated the attacks – says Snowflake itself was not breached.

Mandiant says ShinyHunters, or whichever hackers carried out the wider attacks, obtained the login details from each client company directly.

Ticketmaster’s owner Live Nation has previously only confirmed the hack via a notice to shareholders filed to the US Securities and Exchange Commission.

It acknowledged “unauthorised exercise” on its database but said the hack would have no material impact on its business.

Ticketmaster didn’t reply to a number of requests for remark from journalists earlier than and for the reason that submitting.

https://www.bbc.com/news/articles/c729e3qr48qo