After Ticketfly’s website was recently taken offline due to a “cyber incident”, the company issued a statement indicating that more than 27 million accounts may have been affected. While the company is still assessing the damage, its website is back online after it was defaced and completely shut down for days.
The event management website, bought by Eventbrite from Pandora in 2017, is believed to have been breached via a WordPress vulnerability in their blog, according to the message posted by the hacker.
Payment information and passwords were not exposed during the attack, but Ticketfly said hashed passwords for venue and promoter accounts may have been compromised. By issuing a mandatory password reset, the company believes customers will be safe from account takeovers.
The compromised data appears to include email addresses and phone numbers, as well as home and billing addresses.
“In consultation with third-party forensic cybersecurity experts we can now confirm that credit and debit card information was not accessed,” wrote the company on their blog. “However, information including names, addresses, email addresses and phone numbers connected to approximately 27 million Ticketfly accounts was accessed. It’s important to note that many people purchase tickets with multiple email accounts, so the number of individuals impacted is likely lower.”
While it’s unclear whether the company fixed the vulnerability that enabled the data breach, the company did say it’s still working on bringing all affected services back online. Meanwhile, all affected users and clients should consult the company’s FAQ page for more details on how to proceed if they encounter any issues.
*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Liviu Arsene. Read the original post at: https://hotforsecurity.bitdefender.com/blog/27-million-ticketfly-accounts-compromised-in-data-breach-19991.html