KTLA

Live Nation confirms Ticketmaster data breach compromising 500 million users

Ticketmaster tickets and gift cards are shown at a box office in San Jose, Calif., May 11, 2009. (AP Photo/Paul Sakuma, File)

Live Nation confirmed in a federal filing that Ticketmaster was part of a data breach days after reports surfaced over the possible sale of 560 million users’ data on the dark web.

According to a new filing with the U.S. Securities and Exchange Commission (SEC) filed on May 31, Live Nation, Ticketmaster’s parent company, confirms that on May 20, 2024, they “identified unauthorized activity within a third-party cloud database environment containing Company data.” Less than two weeks after the intrusion, the notorious hacker group ShinyHunters posted a listing on the dark web selling the data for $500,000 including names, emails, phone numbers, addresses and credit card details.


In the filing, Live Nation states they are working to mitigate risk to both users and the company, as well as collaborating with law enforcement. At this time, neither Ticketmaster nor Live Nation have issued any public statement concerning the breach.

In addition to the data breach, Live Nation is facing another challenge. Last month, the U.S. Department of Justice, along with 29 states, filed a sweeping lawsuit accusing Live Nation and Ticketmaster of monopolizing the live entertainment industry.

The government accused Live Nation of tactics — including threats and retaliation — that have allowed the entertainment giant to “suffocate the competition” by controlling virtually every aspect of the industry, from concert promotion to ticketing.

Live Nation, which has for years denied that it is violating antitrust laws, said it would defend itself against the “baseless allegations.”

How to protect yourself from a data breach

Avoiding data breaches entirely can be tricky in our ever-digitized world, but consumers can take some steps to help protect themselves going forward.

The basics include creating hard-to-guess passwords and using multifactor authentication when possible. If you receive a notice about a breach, it’s a good idea to change your password and monitor account activity for any suspicious transactions.

You’ll also want to visit a company’s official website for reliable contact information — as scammers sometimes try to take advantage of news like data breaches to gain your trust through look-alike phishing emails or phone calls.