Live Nation has confirmed that Ticketmaster suffered a data breach after its data was stolen from a third-party cloud database provider, which is believed to be Snowflake.

“On May 20, 2024, Live Nation Entertainment, Inc. (the “Company” or “we”) identified unauthorized activity within a third-party cloud database environment containing Company data (primarily from its Ticketmaster L.L.C. subsidiary) and launched an investigation with industry-leading forensic investigators to understand what happened.

“On May 27, 2024, a criminal threat actor offered what it alleged to be Company user data for sale via the dark web.”

“We are working to mitigate risk to our users and the Company, and have notified and are cooperating with law enforcement. As appropriate, we are also notifying regulatory authorities and users with respect to unauthorized access to personal information.”

While the breach has allegedly exposed the data of over 560 million Ticketmaster users, the company states that they do not believe that the breach will have a material impact on the overall business operations or its financial condition.

This admission comes after a threat actor known as Shiny Hunters has been attempting to sell the Ticketmaster data on a hacking forum for $500,000.

The allegedly stolen databases supposedly contain 1.3TB of data, including customers’ full details (i.e., names, home and email addresses, and phone numbers), as well as ticket sales, order, and event information for 560 million customers.

In a conversation with the threat actor, ShinyHunters told BleepingComputer that there are interested buyers in the data, and believed that one of buyers that approached them was Ticketmaster themselves.

When asked how they stole the data, the threat actor said they “can’t say anything about this.”

However, today more information was revealed as to how the threat actors gained access to the Ticketmaster database, as well as possibly the data for many other customers.

This is a developing story