In recent weeks we have been talking about the data breach that has affected Ticketmaster and its customers, which potentially numbered around 500 million. In addition, more recently it was revealed that millions of barcodes corresponding to tickets sold had been stolen. The cybercriminals demanded a financial ransom to avoid leaking them and it seems that they have made good on their threat: 39,000 tickets, from 154 events, have been exposed on the Internet.
These are tickets that you can print at home and go to the concert without any problems. They affect different groups and singers, such as Foo Fighters, Red Hot Chili Peppers, Pearl Jam, Tate McCrae and many more. At first, the amount they asked for was lower. When they realized that all of this was actually worth much more, they decided to increase the demand.
Thousands of Ticketmaster tickets leaked
Ticketmaster has defended itself by saying that it is pointless for these attackers to have stolen the barcodes, as they use anti-fraud systems that rotate unique barcodes for mobile devices. However, the attackers responded by saying that this is false, as it is possible to simply use the option to print the tickets and access the events.
Whatever the case, the cybercriminals behind this attack have made a post where they include a link to a CSV file with the barcodes of exactly 38,745 tickets. These tickets correspond to TicketFast, Ticketmaster’s solution for selling tickets and printing them at home or wherever you want.
Please note that when purchasing a ticket through Ticketmaster, for certain events there is the option of purchasing it through TicketFast. This consists of a PDF file being sent to your email and you simply have to print it. A more traditional ticket, without the need to use mobile devices to access. Anyone with that ticket could enter the event at least once. Normally, the ticket is scanned at the entrance and cannot be used again.
Templates for creating entries
The only solution Ticketmaster could have, and it is not easy due to the large number of tickets, would be to cancel all those tickets and issue new ones. With this, all the barcodes that have been leaked would not be valid for entry to those concerts; they would be directly cancelled forever.
The hackers have also included a guide to converting the leaked barcode data into a normal ticket, just like any other. To do this, they have used a TicketFast template that they use to generate these tickets.
It is not yet known what measures Ticketmaster might take. What is clear is that this issue is causing headaches for those responsible and, as the days go by, the problem seems to be getting worse. Almost 39,000 tickets have been leaked, but they are threatening to release many more.
Again, if you have ever made a purchase through Ticketmaster, regardless of whether or not customer data has been confirmed to be compromised, we recommend changing your password, as well as checking any bank cards you may have used for those purchases. Just as you should avoid phishing attacks when shopping online, it is essential to have everything well protected.
