Editors' Note: Many Fast News images are stylised illustrations generated by Dall-E. Photorealism is not intended. View as early and evolving AI art!
Cyber attack hits,
Ticketek customers at risk,
Security must shift.
Ticketek Australia confirms cyber breach, days after Ticketmaster hack hits 560 million customers globally
Ticketek Australia has confirmed a cyber incident after hackers hit rival Ticketmaster, allegedly stealing 560 million Ticketmaster customer details globally and offering them for sale on a web hacking forum for US$500,000.
The group claiming responsibility for the Ticketmaster attack, Shiny Hackers, stated they had 1.3 terabytes of Ticketmaster data in 16 different folders and files. As reported on Friday, the stolen data reportedly includes hashed credit card numbers, the last four digits of credit cards, credit card expiration dates, fraud details, customer names, addresses, emails, and ticket and event information details.
After Ticketmaster confirmed its global breach, Ticketek confirmed it had emailed Australian customers on June 1, stating that name, date of birth, and email are the most likely personal data to have been breached in a cyber attack. At this stage, no direct link has been made between the two cyber attacks affecting the ticketing agencies.
"We are writing to let you know that Ticketek has become aware of a cyber incident impacting Ticketek Australia account holder information, which is stored in a cloud-based platform, hosted by a reputable, global third party supplier. We would like to reassure you that Ticketek has secure encryption methods in place for all passwords and your Ticketek account has not been compromised. In addition, we utilise secure encryption methods to handle credit card information and transactions are processed via a separate payment system which has not been impacted. Ticketek does not hold identity documents for its customers."
Ticketek said it has notified the Australian Cyber Security Centre (ACSC) and is liaising with the Office of the Australian Information Commissioner (OAIC) and the National Office of Cyber Security about the incident.