Tag :
Cyber Security

As technology evolves rapidly, more sectors find easier and more automated ways for customers to share information, transact, and enjoy services. While this has revolutionized how businesses operate in a digital age, it has also opened the doors to several cyber threats that can drastically affect clients and companies. The entertainment industry in particular is known to collect and process multitudes of personal and private information that can be easily leveraged in phishing attacks on a larger scale. This is precisely the main fear after the recent Ticketmaster hack that affected more than 500 million customers globally.

In this blog article, we look further into the Ticketmaster data breach and try to understand the details of the cyber-attack. We have also tried to investigate Ticketmaster as a company and its role in the entertainment industry thus far. The article will then go on to list some of the ways that customers can remain safe when purchasing tickets online. We also go over some of the tips for organizations in the entertainment industry to keep a strong cybersecurity posture. First, we’ll start by exploring the Ticketmaster hack in more detail.

Ticketmaster Hack and online ticket buying concept

Ticketmaster Hacked in Australia

On the 29th of May, a hacking group by the name of ShinyHunters shared on a dark web forum that it had access to the data of 560 million Ticketmaster customers – amounting to almost 1.3 terabytes. The group was putting the data up for sale for a one-time price of US$ 500,000 and demanded that Ticketmaster pay a ransom to avoid the release of the information. According to the sample data posted by the group, the stolen information consists of customer names, addresses, phone numbers, and email addresses. It also included hashed credit card numbers, the last four digits of credit cards, credit card expiration dates, and fraud details. as well as customer names, addresses, and emails.

ShinyHunters on Breach Forums claiming Ticketmaster data breach (Screenshot: Hackread.com)

Sourced from Hackread

Ticketmaster itself has not yet confirmed the security incident or responded to any requests from the media about the stolen data. However, the Australian government has confirmed that it was aware of a cyber-incident impacting Ticketmaster and was investigating further – pivoting any further questions back to the ticketing company. A Ticketmaster customer told the Guardian Australia that he was concerned that he had not yet received any communication from Ticketmaster detailing the breach or any advice for its customers.

CBS News reported that 52 email addresses posted by the ShinyHunters group were connected to individuals in several US states, including Canada and New Zealand. The publication noted that the information seen doesn’t often go together and that usually hackers only aim for usernames, passwords, or payment information. However, you don't often see stolen addresses and past purchases – which would help a group to “put up sites that look like Ticketmaster sales partners to target consumers they know have purchased event tickets before." The breached information could be easily used to scam people into buying fake tickets in the future.

The FBI has also become involved in the investigation and has offered its assistance to the Australian authorities. The ShinyHunters group has made a name for itself in the past as well by targeting Indonesian e-commerce giant Tokopedia and by stealing large volumes of customer data from Microsoft and Wishbone. Now, let’s look further into Ticketmaster itself as a company and its roots in Australia.

More About Ticketmaster

Ticketmaster was founded in 1976 and is one the largest ticket-selling companies in the world. Based in America, the organization operates in 32 countries around the world today. In 2009, Live Nation, which was originally an events promoter, announced its intention to merge with Ticketmaster and create the conglomerate of Live Nation Entertainment. Ticketmaster has more than five million customers in Australia and New Zealand alone and sells thousands of tickets for sports, music, performing arts, theatre, comedy, and other attractions.

However, after the Ticketmaster data breach, neither the company nor its parent company, Live Nation, were available for comment. Ticketmaster has not been having an easy time in the headlines lately either. Earlier in the month, the US Department of Justice filed an antitrust lawsuit against the ticketing giant to break up an alleged monopoly in the live music industry. The lawsuit claims that Live Nation and Ticketmaster hold too much market share and have affected show prices and the freedom of artists and venues. The lawsuit seeks to “restore competition in the live concert industry, provide better choices at lower prices for fans, and open venue doors for working musicians and other performance artists.”

The company also faced scrutiny in 2021 when it was found guilty of hacking into its competitor’s site - Songkick. Ticketmaster agreed to pay a US$ 10 million criminal fine to avoid prosecution over the charges that it had illegally accessed systems of the startup rival to steal proprietary info in an attempt to “choke off” the smaller company’s business. The entertainment industry can be a cutthroat place for businesses to thrive – especially with rampant cyber-attacks constantly on the horizon. We’ll now look at some of the cyber risks that affect the entertainment industry at large.

Cyber Risks in the Entertainment Industry

Entertaining the masses can be a difficult task for any company and demands consistent, secure, and reliable service delivery. Unfortunately, this also makes it a particularly vulnerable sector for cyber threats. With millions of transactions happening daily for music festivals, streaming sites, and other entertainment services, infrastructure can be easily overwhelmed where people and companies are ill-prepared. The processing of large amounts of personal data and payment information can be leveraged by threat actors for phishing, social engineering hacks, and ransomware attacks. This is why organizations must invest in the best cybersecurity measures to maintain their client’s privacy.

Ticketmaster is also no stranger to being a cyber threat cautionary tale in the entertainment industry. In November last year, the ticketing company was hit by a cyberattack that led to problems with ticket sales for the Taylor Swift US tour. While the company suffered an expected massive influx of traffic that caused websites to slow down, a cyber-attack was also launched and the company maintains that it was “hit with three times the amount of bot traffic” than ever experienced before.

The streaming giant, Disney+ also became victim to a cyber-attack when it launched its online service. The company was severely unprepared for the influx of visitors at which time hackers began hijacking accounts, shutting out customers, and selling the user details online in various hacking forums. Cyber-attacks in the entertainment industry have presented a significant risk to the future of artists, distributors, and consumers. Some of the main risks to the entertainment sector by cyber-attacks include:

  • The loss of intellectual property can lead to art being destroyed, resold, or released without authorization.
  • Financial losses to artists, distributors, studios, and other entertainment service providers.
  • Regulatory penalties for the incorrect handling of media or intellectual property.
  • Reputational damage after companies fail to comply with cybersecurity practices or maintain customer data privacy.
  • Loss of trust from future clients, customers, or partners in the industry.

While we cannot bring cyber-attacks in the entertainment industry to a dead halt, there are ways that companies and individuals can do their part to ensure their safety. Now, let’s look at some of the ways customers can be safe when buying tickets online.

How to Ensure Your Cybersecurity When Buying Tickets Online

The Internet has made transactions so much easier around the world. Buying tickets for concerts, festivals, and more can usually be done online through a vetted provider. However, many cybercriminals will take advantage of the remote process to sell invalid tickets or scam people into providing private credentials. This is why customers need to be cautious when buying any tickets online. Here are some tips to keep you safe when purchasing your next ticket:

  1. Ensure that you use a secure connection to make your purchase. Remember to check the website URL is secure and that a padlock icon can be seen in the address bar. Do not enter any personal information if the website is flagged by your browser or computer’s security.
  2. Buy your tickets from verified sources. Always make your purchase through the official website and vetted ticketing agencies. Try to avoid third-party sellers or random forums – even if they offer discounted rates or prices. Hackers will often pose as resellers or create replica websites to sell tickets.
  3. Avoid using public Wi-Fi connections for your ticket purchases. Public Wi-Fi networks are notoriously used by hackers for their vulnerable infrastructure. Use a secure and trusted Wi-Fi connection when making any type of purchase online.
  4. Be wary of phishing scams. The majority of ticketing scams happen through phishing attacks that attempt to deceive customers into clicking on links or attachments with malware injections inside. Be extra cautious when verifying email addresses and always double-check directly with the website to ensure that your transaction is legitimate.
  5. Don’t be swayed by deals that are too good to be true. Generally, if a deal seems too good to be true, it probably isn’t. Hackers will rely on your naivety and will offer outrageous discounts that need to be acted on immediately. Always be suspicious of these deals and contact the official distributor directly before making any rash transactions.
  6. Check your ticket details carefully. While you might be caught up in the excitement of seeing your favourite artist or show, you need to carefully review your ticket details before processing any payment.
  7. Use Multi-Factor Authentication (MFA). Try to enable your Multi-Factor Authentication on ticketing websites and apps wherever you can to ensure a secure connection at all times.
  8. Always verify the seller’s reputation. If you need to make your ticket purchase through a reseller or third-party seller, do some research to verify if they can be trusted.

While individuals can do their part to avoid being scammed in the entertainment industry, it doesn’t help if major organizations in the sector don’t step up their cybersecurity posture as well. As seen in the Ticketmaster hack, when major companies don’t secure customer data effectively, the consequences can be dire for all parties involved. Let’s go through some of the ways larger entertainment companies can protect themselves from cybersecurity threats in the future.

Cybersecurity Tips for Organizations in the Entertainment Industry

The entertainment industry can be difficult to navigate for most companies in the digital age. Large numbers of ticket purchases and an influx of website traffic can easily overwhelm under-prepared systems and teams. Companies can also face hefty fines for compromising confidential data according to the data laws in their areas. Financial loss and reputational damage from cyber-attacks can also push a company underwater in a matter of days without the right security measures in place. Here are some ways that organizations in the entertainment industry can be better equipped to deal with cyber threats:

  1. Use secure communication channels within the company. Sensitive information, intellectual property, and general transactions need to always take place on a secure line with limited access to prevent data leaks or vulnerabilities.
  2. Conduct regular and constant vulnerability assessments. Companies in every industry need to do regular vulnerability assessments to detect weak areas of security and potential irregularities in the system. This will allow you to identify potential anomalies and vulnerabilities before threat actors can leverage them.
  3. Use Multi-Factor Authentication across all platforms. Using Multi-factor authentication will prevent any unauthorized access to private information across websites and apps.
  4. Back up your company data regularly. In the modern age of cloud computing, companies have no excuse not to back up their data regularly to prevent ransomware attacks and ensure faster recovery after a cyber-attack. In the entertainment industry, this also preserves the integrity of any private intellectual property being kept in the company servers.
  5. Train employees to practice better cyber hygiene. Proper cyber hygiene practices will ensure that your workforce is equipped to respond to cyber threats effectively and immediately – reducing the amount of downtime and the damage the attack can do. Employees should be trained to recognize phishing emails, social engineering attacks, and other types of malware.
  6. Have a policy of transparency with the public. According to the Guardian, Professor Nigel Phair, a Monash University expert in cybersecurity, noted that the company’s silence after the Ticketmaster hack was “troubling” and that organizations need to be more “proactive in their communications and inform the public what has happened and how they are remediating the situation.” he said. Companies need to respond and take responsibility when a cyber incident occurs to reassure their customers, partners, law enforcement, and the public at large. This creates a sense of trust and ease while working through the recovery process.
  7. Ensure effective access management and controls. While many parties might be involved in different elements of the entertainment industry, it’s important to limit access to authorized personnel alone. This prevents the risk of data leaks or internal sabotage by only allowing vetted and authorized access where needed.
  8. Using advanced Endpoint Security. Endpoints are one of the most vulnerable areas of any network and are usually targeted by threat actors as a means of entry into the system. Companies need to use effective Endpoint Security measures to ensure that their network remains secure from all ends.
  9. Try to encrypt all content. When digital assets are stolen, encryption makes it much harder for hackers to access or leverage data. The data found in the entertainment industry can also be regulated by intellectual property laws and regulations, making encryption even more important to prevent data loss.

The Ticketmaster hack can serve as a wake-up call for companies in the entertainment industry to buck up on their cybersecurity approach and invest in the right tools and practices. While the Ticketmaster data breach might seem like an isolated event, no company has the guarantee that it won’t be the victim of a cyber-attack in the future. To ensure that your customers and company get the best cybersecurity services and infrastructure available, contact Sangfor Technologies today to see how we can help you be more prepared.

 

Contact Us for Business Inquiry

 

Sources:

https://www.theguardian.com/australia-news/article/2024/may/30/ticketmaster-hack-data-breach-australia-yet-to-confirm

https://www.cbsnews.com/news/ticketmaster-breach-what-to-know-about-protecting-your-data-cbs-news-explains/

https://www.politico.com/news/2023/01/23/ticketmaster-cyberattack-taylor-swift-tickets-00079119

Listen To This Post

Search

Keyword maximum 256 character

Get in Touch

Get in Touch with Sangfor Team for Business Inquiry

Related Articles

Cyber Security

Top Cisco Alternatives and Competitors

Date : 17 Dec 2024
Read Now
Cyber Security

Top Antivirus Software for Enterprise Brands

Date : 12 Dec 2024
Read Now
Cyber Security

Brain Cipher Ransomware Attack: Alleged 1TB Data Breach at Deloitte UK

Date : 07 Dec 2024
Read Now

See Other Product

Platform-X
Sangfor Access Secure
Sangfor SSL VPN
Best Darktrace Cyber Security Competitors and Alternatives in 2024
Sangfor Omni-Command
Replace your Enterprise NGAV with Sangfor Endpoint Secure

Meet the Author

About Sangfor

Sangfor Technologies

Sangfor Technologies is a leading vendor of Cyber Security and Cloud Computing solutions. The majority of the blogs that you are seeing here are written by professionals working at Sangfor. We have a team of content writers, product managers and marketing experts who are taking care of writing articles on various topics that are relevant to our audience. Our team ensures that the articles published are factually correct and helpful to our customers and partners to know more about the recent trends on Cyber Security and Cloud, and how it can help their organizations.

  • facebook
  • twitter
  • linkedin
  • youtube
  • instagram
See Author's Detail