It isn’t just the pricing hike situation that has got a lot of people talking about Ticketmaster. This is also a reason why they’re facing legal issues right now, but not a lot of people truly know that there has been a data breach incident at Ticketmaster, and this wasn’t even a small thing. Whoever has read about the whole incident knows what this truly meant for the customers of Ticketmaster and how bad it can turn out for them. Looking at that, no doubt, there has to be some legal action taken against the company, and that’s how the whole situation turned into this Ticketmaster Data Breach Class Action Lawsuit. Let’s talk about it a little more.
The Breach That Happened In 2024
It is true that the big breach everyone is talking about wasn’t directly Ticketmaster’s fault. It was actually the fault of their cloud storage provider.
When it had already happened, Ticketmaster’s IT team found out on May 20, 2024, and sure enough, that there was some unusual activity, you know, a trace of unauthorized activity. And when things kept on getting worse, it was total disorder on May 27. Later, we clearly saw and got to know that the hacker group ShinyHunters announced that they had taken data from more than 560 million accounts.
They really did. Like, it wasn’t like they were afraid of anything, nah, they proudly talked about the 1.3 terabytes of stolen data and put it up for sale on dark web forums for $500,000.
But during all this, it came out into the public that this data breach wasn’t just a one day thing, nah, it went on for weeks on end. Like, it is believed right now that the hackers got into the systems as far back as April 2024. As for how it was carried out, see that’s pretty technical, but to brief you on that, the hackers managed to get past Okta’s single sign-on security and therefore had unrestricted access to Ticketmaster’s accounts and data.
So all in all?
One stolen password opened a vault of half a billion identities. Plain and simple!
What Data Was Exposed
This wasn’t just your average email leak. The exposed data included:
- Full names and mailing addresses
- Email addresses and phone numbers
- Partial credit card numbers and expiration dates
- Ticket purchase details and login credentials
On the surface level, it could be that the partial credit card data may not sound very harmful to you, but here is what it really means in the simplest terms:
In the cybersecurity scene, people know this very well that even if your complete card number is not disclosed, if your name, address, and expiration date are combined, it is enough for scammers to either steal your identity or trick you into giving them money. That’s how a lot of online theft, scam or hacks are done every single day.
When the Courts Stepped In
In Canada
In Canada, the Consumer Law Group (CLG) has initiated a class action lawsuit against Ticketmaster and its parent company Live Nation. And just in case you’re asking about the complaint, well, the companies allegedly did not adequately safeguard customers’ personal data and delayed the disclosure of the data breach. There is no settlement yet because this case is pretty much ongoing.
In the U.S.
And then, meanwhile, the situation in the States got out of hand in no time. How exactly? See, for the company itself, by October 2024, several dozen lawsuits derived from unhappy customers had become one single federal Multidistrict Litigation (MDL).
For now, this court case is a mixture of claims against Ticketmaster, Live Nation, and Snowflake (the cloud host).
