INFRA
INFRA
INFRA
Ticketfly offline following hack and theft of customer data
Ticketfly, a live event tickets selling service owned by Evenbrite Inc., has been taken offline after a “cyber incident” that involved its site being hacked and customer data stolen.
Billboard reported that customers to the site first noticed it had been defaced at about 9 p.m. PDT Wednesday with a picture of a man wearing a Guy Fawkes mask (pictured) and a message from a hacker called IsHaKdZ.
“Your Security Down im Not Sorry,” the first part of the message read, followed by a link to a yandex.com email address and warning from the hacker claiming access to a database called “backstage” that allegedly includes information relating to Ticketfly users.
No ransom demand was made in the image itself, the implication given the inclusion of the email address and mention data theft would suggest that the hacker was likely looking for a payment in return for the data. CNet later confirmed that a ransom was the motivation behind the attack, saying that it had contacted the hacker, who had said he wanted a payment of 1 bitcoin ($7,500) “to fix the exploit.”
Having been made aware of the hack, Ticketfly took its service offline, replacing the defacement with a message that read that “Following a series of recent issues with Ticketfly properties, we’ve determined that Ticketfly has been the target of a cyber incident.”
“Out of an abundance of caution, we have taken all Ticketfly systems temporarily offline as we continue to look into the issue,” the message continued. “We are working to bring our systems back online as soon as possible. Please check back later.”
Ticketfly has not provided any further information on how the hack took place, but several people are suggesting that access occurred via a WordPress installation that was not up-to-date.
Jamie Schmid, a community evangelist at Sitelock Inc., wrote that “on Tuesday #ticketfly’s #WordPress website was hacked and a database with private user data was leaked for download. Just days after the #GDPR privacy rule went into effect.”
Michael Villado, a self-described “digital Sherlock Holmes” claimed that not only was the WordPress installation hacked, but as a consequence, “all of the user data and site is completely downloadable” via exposed WordPress-related SQL files.
Image: IsHaKdZ
A message from John Furrier, co-founder of SiliconANGLE:
Support our open free content by sharing and engaging with our content and community.
Join theCUBE Alumni Trust Network
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
11.4k+
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
