Hackers leak 39,000 print-at-home Ticketmaster tickets for 154 events

In an ongoing extortion advertising campaign against Ticketmaster, threat actors hang leaked nearly 39,000 print-at-home tickets for 150 upcoming concerts and events, including Pearl Jam, Phish, Tate McCrae, and Foo Opponents.

The tickets had been leaked by a threat actor is understood as ‘Sp1derHunters,’ who is selling records stolen in most up-to-date records theft assaults from Snowflake accounts.

In April, threat actors started downloading Snowflake databases of now no longer now no longer as much as 165 organizations utilizing credentials stolen by records-stealing malware.

In Also can just, a infamous threat actor named ShinyHunters started selling the alleged records of 560 million Ticketmaster possibilitiesclaiming it changed into stolen from Snowflake. Ticketmaster later confirmed that its records changed into stolen from their Snowflake yarn.

At the time, the threat actors demanded that Ticketmaster pay them $500,000 so as that the records would now no longer be leaked or supplied to other threat actors.

Nonetheless, a week ago, the same threat actors leaked 166,000 Taylor Swift label barcodesannoying a elevated $2 million extortion query.

Ticketmaster responded by pronouncing that the records is useless as their anti-fraud measures persistently rotate to intelligent mobile barcodes.

“Ticketmaster’s SafeTix technology protects tickets by mechanically refreshing a fresh and intelligent barcode every few seconds so it cannot be stolen or copied,” Ticketmaster informed BleepingComputer.

Hackers answer

As we suppose time, Sp1d3rHunters responded to Ticketmaster’s observation, pronouncing that moderately about a print-at-home tickets had been stolen whose barcodes cannot be rotated.

“Ticketmaster lies to the public and says barcodes can now no longer be ragged. Tickets database contains both on-line and physical label kinds,” the threat actor posted to a hacking forum.

“Bodily label kinds are Ticketfast, e-label, and mail. These are printed and can now no longer be mechanically refreshed.”

The post contains a link to a CSV file containing the barcode records for 38,745 TicketFast tickets, Ticketmaster’s print-at-home ticketing resolution.

A overview of the records by BleepingComputer shows label records for 154 events and concerts, including those for Aerosmith, Alanis Morissette, Billy Joel & Sting, Bruce Springsteen, Carrie Underwood, Cirque du Soleil, Dave Matthews Band, Foo Opponents, Metallica, Pearl Jam, Phish, P!NK, Red Hot Chili Peppers, Stevie Nicks, STING, Tate McRae, and $uicideboy$.

When procuring tickets via Ticketmaster, you might perchance well be in a build to settle for supply via TicketFast at some venues and events. The usage of this supply map, your tickets will seemingly be sent as a PDF via electronic mail, which you might perchance well be in a build to then print out and bring with you to the match.

As these are now no longer mobile tickets, the threat actors claim that Ticketmaster cannot rotate the barcodes utilizing its disclosed anti-fraud mechanism. As a alternative, they must void and reissue the tickets to of us that ragged the carrier.

The threat actors additionally integrated a handbook on converting the leaked label records into a scannable barcode that might perchance even be ragged to catch tickets utilizing TicketFast print-at-home templates that corporate possibilities consume.

BleepingComputer contacted Ticketmaster to substantiate how they’d address these tickets nonetheless has now no longer obtained a response yet.

The threat actors hang beforehand tried to extort moderately about a other companies whose Snowflake records changed into stolen, includingNeiman Marcus,Los Angeles Unified College District,Design Auto Facets,Pure StorageandSatans.