Hackers leak 39,000 print-at-house Ticketmaster tickets for 154 events

In an ongoing extortion marketing campaign against Ticketmaster, possibility actors procure leaked virtually 39,000 print-at-house tickets for 150 upcoming dwell shows and events, including Pearl Jam, Phish, Tate McCrae, and Foo Warring parties.

The tickets had been leaked by a possibility actor identified as ‘Sp1derHunters,’ who is promoting files stolen in most modern files theft attacks from Snowflake accounts.

In April, possibility actors began downloading Snowflake databases of a minimal of 165 organizations the expend of credentials stolen by data-stealing malware.

In Also can fair, a well-identified possibility actor named ShinyHunters began promoting the alleged files of 560 million Ticketmaster customers, claiming it used to be stolen from Snowflake. Ticketmaster later confirmed that its files used to be stolen from their Snowflake memoir.

On the time, the possibility actors demanded that Ticketmaster pay them $500,000 so that the info wouldn’t be leaked or sold to other possibility actors.

Nonetheless, a week ago, the same possibility actors leaked 166,000 Taylor Swift tag barcodes, stressful a increased $2 million extortion query.

Ticketmaster answered by pronouncing that the info is ineffective as their anti-fraud measures always rotate to strange cell barcodes.

“Ticketmaster’s SafeTix skills protects tickets by mechanically refreshing a original and habitual barcode every few seconds so it’ll no longer be stolen or copied,” Ticketmaster told BleepingComputer.

Top private investigator: Hackers reply

On the fresh time, Sp1d3rHunters answered to Ticketmaster’s assertion, pronouncing that a mountainous different of print-at-house tickets had been stolen whose barcodes can no longer be circled.

“Ticketmaster lies to the public and says barcodes can no longer be former. Tickets database involves both on-line and physical tag forms,” the possibility actor posted to a hacking dialogue board.

“Physical tag forms are Ticketfast, e-tag, and mail. These are printed and can no longer be mechanically refreshed.”

The put up involves a link to a CSV file containing the barcode files for 38,745 TicketFast tickets, Ticketmaster’s print-at-house ticketing solution.

A review of the info by BleepingComputer shows tag files for 154 events and dwell shows, including these for Aerosmith, Alanis Morissette, Billy Joel & Sting, Bruce Springsteen, Carrie Underwood, Cirque du Soleil, Dave Matthews Band, Foo Warring parties, Metallica, Pearl Jam, Phish, P!NK, Crimson Sizzling Chili Peppers, Stevie Nicks, STING, Tate McRae, and $uicideboy$.

When purchasing tickets via Ticketmaster, you presumably can settle for shipping via TicketFast at some venues and events. Utilizing this shipping methodology, your tickets will be sent as a PDF via electronic mail, which you presumably can then print out and elevate with you to the tournament.

As these are no longer cell tickets, the possibility actors claim that Ticketmaster can no longer rotate the barcodes the expend of its disclosed anti-fraud mechanism. As an different, they must void and reissue the tickets to folks who former the service.

The possibility actors additionally incorporated a files on changing the leaked tag files valid into a scannable barcode that could perhaps well be former to manufacture tickets the expend of TicketFast print-at-house templates that corporate customers expend.

BleepingComputer contacted Ticketmaster to substantiate how they’d tackle these tickets but has no longer bought a response yet.

The possibility actors procure previously attempted to extort a mountainous different of alternative companies whose Snowflake files used to be stolen, including Neiman Marcus, Los Angeles Unified College District, Arrive Auto Parts, Pure Storage, and Satander.