Tuesday, June 04, 2024

Show cancelled: Risks aplenty from Ticketmaster data breach


By Dr. Tim Sandle
DIGITAL JOURNAL
June 3, 2024

Hacking group ShinyHunters has claimed to have accessed the accounts of 560 million Ticketmaster customers - Copyright GETTY IMAGES NORTH AMERICA/AFP JOE RAEDLE

Ticketmaster has suffered from a data breach, conducted by ShinyHunters. This has impacted 560 million customers.

The U.S. entertainment giant said it had discovered “unauthorised activity” on 20 May, 2024 in a third-party cloud database that mostly contained Ticketmaster data.

Looking at the incident for Digital Journal is Andrew Costis, Chapter Lead of the Adversary Research Team at AttackIQ, and Nick Tausek, Lead Security Automation Architect at Swimlane.

Starting with Costis, the researcher looks at who was seemingly behind the incident: “ShinyHunters are well versed in the art of data breaches. They are known for gaining access via Microsoft Office 365, GitHub, obtaining access to valid accounts, as well as exploiting vulnerabilities.”

As to what might happen to the data, Costis continues: “It’s important to test for post-compromise techniques that are precursory to targeting critical business applications such as databases or other systems containing sensitive information. These are often the end goal of groups such as ShinyHunters, who aim to monetize on the stolen data from their targets.”

The second commentator, Tausek, looks at further indications of what might happen to the data.

Tausek begins by assessing what is at stake: “The trove of data allegedly accessed by ShinyHunters includes personally identifiable information such as names, emails, addresses and partial payment card details.”

As to what can happen to this rich trove of information: “Such information falling into malicious hands opens the floodgates to potential phishing schemes and identity fraud, posing a grave risk to affected individuals. It is imperative for Ticketmaster users to remain vigilant against any phishing and identity theft attempts.”

Drawing a parallel, Tausek recollects: “The recent legal action taken by the Justice Department, which filed a federal lawsuit last week accusing Ticketmaster and its parent company Live Nation of illegally monopolizing the live entertainment industry, also mentions Ticketmaster’s history of cybersecurity incidents and breaches.”

The latest controversy over Ticketmaster’s dominance came when tickets for Taylor Swift’s Eras tour went on pre-sale in 2022 – Copyright AFP DAVID GRAY

He elucidates: “This development is noteworthy, underscoring the inherent risk associated with industry consolidation. In concentrated and monopolized industries such as live entertainment with Ticketmaster, vulnerabilities to data breaches are heightened, amplifying the need for proactive security measures and response protocols.” In terms of some of the underlying issues that could make such attacks more commonplace, Tausek says: 2In this current era of frenzied corporate acquisitions, it is important to not only view monopolies as dangerous to consumers’ wallets, but also dangerous from a cybersecurity perspective. While antitrust legislation is nothing new, hopefully, this increased cyber risk will be taken into account in anti-monopoly actions taken by various governments around the world, both through prosecution of companies like Ticketmaster for holding illegal monopolies, and also through strengthening anti-trust legislation where appropriate.”

No comments: