Australian consumers may have had their personal data compromised in an alleged data breach impacting ticketing and events giant Ticketmaster.
Hacking group ShinyHunters claims to have stolen 1.3 terabytes of data on 560 million Ticketmaster customers globally, including names, addresses, credit card details and phone numbers.
The group is reportedly seeking $756,000 ($US500,000) for a one-time sale of the information on the dark web.
The Department of Home Affairs told ABC News it was aware of a cyber incident impacting Ticketmaster, and was working with the company “to understand the incident”.
Ticketmaster did not immediately respond to a request for comment.
If the customer data is confirmed as legitimate, it could lead to instances of attempted identity theft and fraud for some Ticketmaster users.
ShinyHunters has previously gone after high-profile targets, and is also known for running a cybercrime site called BreachForums, which recently reopened after being shut down by the FBI.
While ShinyHunters posted about the alleged Ticketmaster data on BreachForums, an identical post has also allegedly appeared on a separate forum called Exploit.
Professor Nigel Phair from Monash University said it was troubling that Ticketmaster was yet to make any public statement about the breach.
“Organisations need to be more proactive in their communications and inform the public what has happened and how they are remediating the situation,” he said.
“Significant data breaches are becoming all too common.
"The current legislative approach is clearly not working, as organisations are still not putting sufficient effort into cyber risk management.”
Professor Phair said Ticketmaster customers should “be on the lookout for unusual emails, SMS or phone calls”, as well as suspicious credit card transactions.
Australian customers of Pizza Hut had their details breached in late 2023, when ShinyHunters claimed to have stolen more than one million private records from the company.
With cyberattacks on the rise, the Office of the Australian Information Commissioner said it was notified of 910 data breaches impacting Australian organisations in the current financial year, to 28 May 2024.
Australian e-script provider MediSecure reported a major data breach earlier this month, before personal information and prescription details allegedly appeared for sale on a Russian-language hacking forum.
Reports of the Ticketmaster breach come after the company's owner, Live Nation, was sued by the US Department of Justice last week, accused of running an illegal monopoly over live events in America.