This week, hackers known as ShinyHunters claimed they had obtained barcode data for hundreds of thousands of tickets to Taylor Swift’s Eras tour. They are demanding millions in ransom from Ticketmaster, threatening to leak the data online if their demands are not met.

Posted Samples and Further Threats

The hackers posted samples of the ticket data on an online forum, revealing information on Swift’s shows in Indianapolis, Miami, and New Orleans. They also claimed to have 30 million more barcodes for various high-profile concerts and sporting events.

ShinyHunters’ Notorious History

ShinyHunters, along with an associated account named Sp1d3rHunters, has a history of major hacks, including attacks on Santander bank, AT&T, and Microsoft.

Ticketmaster’s Response

Ticketmaster’s parent company, Live Nation Entertainment, denied any communication with the hackers or plans to pay the ransom. They assured that their ticketing technology prevents the use of leaked barcodes by refreshing them every few seconds.

Expert Analysis on the Data’s Usefulness

Cybersecurity experts confirmed that the stolen data would be ineffective for gaining access to events. Ticketmaster uses dynamic barcodes, rendering the static data obtained by the hackers useless for entry.

Secureworks’ Insight

Don Smith, vice-president at Secureworks, emphasized that the data could not be used to recreate a valid barcode for entry. “If you’re running events of the size and scale of the Eras tour, you are not going to make it easy for someone to just get access to a database and then be able to create a fake ticket,” he said.

The Rise of Cyberattacks

This ransom threat is part of a broader trend of rising cyberattacks and ransomware incidents. In 2023 alone, victims paid out an estimated $1.1 billion in ransoms. The UK’s National Health Service was significantly affected by a ransomware attack in June.

Details of the Earlier Breach

ShinyHunters allegedly breached a third-party contractor earlier this year to gain access to Ticketmaster’s data, affecting around 560 million customers. This breach included names, partial payment details, phone numbers, ticket sales, and other information.

Live Nation’s Ongoing Issues

Live Nation has been grappling with multiple public relations problems and legal challenges. In May, the US Department of Justice sued the company for allegedly monopolizing ticket sales. The company also faced backlash over its handling of Swift’s Eras tour, leading to hours-long waits and exorbitant resale prices.

Previous Cyberattacks on Swift’s Tour

Swift’s tour has been targeted by cyberattacks before. In February, hackers breached Australian events company Ticketek, reselling Eras tour tickets. Pop-up stands were set up outside Swift’s shows to help fans regain their tickets.

ShinyHunters’ Other Attacks

ShinyHunters also claimed responsibility for accessing bank and credit card numbers for around 30 million customers and employees at Santander bank. The group attempted to sell this information to the highest bidder.

Law Enforcement Actions

In May, the FBI and US Department of Justice seized the online forum used by ShinyHunters to post ransom threats. Despite this, another site quickly emerged, continuing the group’s activities.