
In what seems like a never-ending taunting of Ticketmaster, attackers allegedly shared hundreds of thousands of electronic tickets to upcoming shows of major artists.
Attackers associated with ShinyHunters, a hacker group behind the massive Ticketmaster data breach, continue to be a thorn in the ticket sellers’ sides. On July 12th, cybercriminals released what they claim are millions of Ticketmaster e-tickets for upcoming concerts.
The artists with the most leaked tickets to their upcoming tours include:
- Hozier, 410,211 tickets
- Morgan Wallen, 354,455 tickets
- Foo Fighters, 324,662 tickets
- Twenty One Pilots, 254,101 tickets
- Chris Stapleton, 206,850 tickets
- Justin Timberlake, 205,677 tickets
- Kacey Musgraves, 205,608 tickets
- Taylor Swift, 177,441 tickets
- P!NK, 169,330 tickets
- Tyler Childers, 162,639 tickets
Other performers whose names appear in the leak include Weezer, Cigarettes After Sex, Jennifer Lopez, Iron Maiden, Rolling Stones, Pearl Jam, Sum 41, Blink-182, Green Day, Usher, Kings of Leon, and many more.
We have reached out to Ticketmaster for confirmation and comment on whether the leak impacts legitimate ticket holders. We will share a response once we receive it.

Last week the group published barcode data for over 166,000 tickets for Taylor Swift Eras Tour concerts in several US cities, including Miami, New Orleans, and Indianapolis. The attackers said that they’ll continue to leak data until Ticketmaster pays them $2 million.
However, at the time Ticketmaster said the barcodes had little value, as new ones are generated for tickets every few seconds to prevent the company from ending up in this exact situation.
This time, attackers claim they've released data on 10 million e-tickets. These tickets allow users to print them at home, which means the barcode scanned at the entrance to a show is fixed.
To add insult to injury, the attackers’ post includes a link to Ticketmaster’s website with instructions on how to generate a PDF ticket with a fixed barcode.
Ticketmaster has had a rough couple of months after attackers breached the company’s cloud service provider Snowflake’s account.
Several of Snowflake’s clients had their details exposed after a targeted campaign on organizations that utilized single-factor authentication at the cloud provider. Earlier this week, Snowflake announced that account admins can now enforce mandatory multi-factor authentication (MFA) for all users.
Your email address will not be published. Required fields are markedmarked