A day after it was reported that the infamous hacking site BreachForums had returned after yet another Federal Bureau of Investigation “takedown,” ShinyHunters, the hacking group that brought the site back, is now claiming to have stolen data related to 560 million Ticketmaster Entertainment LLC users.

The post on BreachForums claims that the data includes names, addresses, emails, phone numbers, ticket sale information, event information and order details. In addition, ShinyHunters claims to have credit card details but only the last four numbers of cards and expiration dates.

The full stolen database is being offered for sale by ShinyHunters for $500,000.

It’s not clear whether the stolen data being offered by ShinyHunter is new or related to previously disclosed hacks, such as the breach of the U.K. division of Ticketmaster in 2018. Ticketmaster has not commented on the alleged hack. However, the Australian Department of Home Affairs has confirmed that it is aware of a “cyber incident” involving the company.

The Ticketmaster data breach comes after the U.S. Department of Justice filed an antitrust lawsuit against Ticketmaster and its parent company Live National Entertainment Inc. on May 23. The lawsuit, backed by 30 state and district attorneys general, alleges that the companies have operated an illegal monopoly, suppressing competition and artificially inflating ticket prices for concerts, shows, and other events.

The lawsuit also claims that Live Nation employs long-term contracts to prevent venues from partnering with competitors, blocks venues from using multiple ticket sellers and threatens venues with financial losses and fan dissatisfaction if they do not opt for Ticketmaster.

Darren Williams, chief executive officer and founder of anti-data exfiltration and ransomware protection company BlackFog Inc., told SiliconANGLE that the breach shows how large-scale these operations can be.

“Now that the data has been exfiltrated from TicketMaster, the threat group can continuously target the individuals through social engineering and phishing attempts,” Williams said, adding an admittedly self-serving bit of advice: “Large entities, especially those such as TicketMaster, must invest in anti-data exfiltration technology to ensure no data is leaving their system without proper authorization.”

Photo: yumiang/Flickr