Aktuelles
Ticketmaster owner Live Nation confirms hackers offered to sell customer data
June 2024 by Matt Aldridge, Principal Solutions Consultant at OpenText Security Solutions
Ticketmaster experienced a cyber attack, with hackers offering customer data for sale, potentially involving 560 million users. Live Nation confirmed the breach and is cooperating with law enforcement while investigating the incident. The commentary from Matt Aldridge, Principal Solutions Consultant at OpenText Cybersecurity regarding the incident.
“Cyber attacks have been a persistent threat to online platforms such as Ticketmaster due to the volume of sensitive, personal data and information they hold. Numerous companies and organisations have been targets, making it necessary for them to adopt or deploy a comprehensive set of security solutions.
Successful breaches can lead to substantial financial gains for attackers through stolen data. Additionally, disrupting Ticketmaster’s operations can cause widespread inconvenience and financial losses for both the company and its customers. The recent cyber attack is a reminder that threat actors are always on the lookout for new targets and businesses need to do all they can to have their cyber defences in play.
“In this case, it looks as though accounts without multi-factor protection at a cloud service provider were the route in for the attackers, who seem to have also compromised Santander data using the same credential stuffing technique. This is a strong reminder of the need for vigilance when selecting and configuring services from a cloud service provider, and of the importance of considering hybrid cloud and private cloud options alongside public cloud, in cases where the threat model may warrant extra control and protection of assets.”
Organisations that hold private information need to have clearly defined security policies and procedures in place. This starts with employee education, which underscores all effective cyber resilience and data protection strategies. Comprehensive best practice guides are critical to protecting information, especially when holding sensitive data on research. Data must also always be securely backed up, so systems can be restored if needed.
Finally, multi-layered cybersecurity controls must be deployed to help detect or block anything that breaches the first line of defence – the people of the organisation. In fact, we found in our 2023 OpenText Cybersecurity Threat Report that doing so is core to cybersecurity and cyber resilience. Ultimately, the broader the coverage of processes, tools, and systems an organisation has in place to protect and recover data, the less likely an attack will succeed.
