Hacker Stole 26 Million Email And Home Addresses Of Ticketfly Users

Last week, a hacker took control of the ticket-distribution website Ticketfly, defacing its homepage, and stealing customers’ personal data. The hacker also posted some of the stolen information online, and threatened to post more, but has yet to follow through on his threat.

Ticketfly’s parent company Eventbrite said it’s still investigating the incident, and hasn’t revealed the extent of the data breach, nor how much or what kind of data was stolen. Motherboard downloaded a series of CSV database files posted on a public server by the hacker last week and shared them with Troy Hunt, the founder of “Have I Been Pwned,” a website dedicated to informing users of data breaches.

Hunt analyzed the databases and found 26,151,608 unique email addresses. The databases did not include passwords or credit card details. But for most users, they did include home and billing addresses and phone numbers.

The hacker told Motherboard that they reached out to Ticketfly before the breach, alerting the company to a vulnerability, and demanding a ransom of 1 bitcoin to help them fix the flaw. After the company did not respond to their emails, the hacker defaced the site.


Ticketfly has published an FAQ on the data breach. A company spokesperson did not immediately respond to a request for comment.

As of Monday, the service is still offline. It’s now been offline for five days.

“We’re working to bring ticketfly.com back up as soon as possible. In the meantime, we encourage you to keep checking in on your favorite venue/promoters’ websites, social media channels, or box offices,” the site read. “Shows are on and tickets are available online and onsite.”
