Ticketek data breach: Threat actors steal personal info of over 17 million Australians

Australia’s largest ticket sales company, Ticketek, suffered a significant data breach in May that exposed the personal information of over 17 million customers.

What happened

The security incident was revealed after a threat actor under the username “Sp1d3r” posted a for-sale ad on a hacking forum. The same threat actors recently attempted to sell a customer database stolen from luxury retailer Neiman Marcus.

                                                 Source: CyberInsider

The first confirmation of the incident came via a post on Ticketek’s parent company website TEG on May 31, 2024:

“Ticketek has become aware of a cyber incident impacting Ticketek Australia account holder information, which is stored in a cloud-based platform, hosted by a reputable, global third party supplier,” the notice reads.

“The available evidence at this time indicates that, from a privacy perspective, customer names, dates of birth and email addresses may have been impacted.”

While the company has yet to reveal the number of impacted customers, Troy Hunt’s Have I Been Pwned platform lists 17.6 million unique email addresses alongside names, genders, dates of birth, salutations, and hashed passwords.

Hunt also confirmed the breach on social media platform X on June 28, noting that his info was also included:

Ticketek releases updates on June 28

The company’s most recent statement provides additional insights, emphasizing that no customer accounts were compromised and that the company will continue to work alongside government agencies in response to the data security incident.

“By way of update, Ticketek has sought and been granted an injunction to prevent any access, dissemination, or publication of the impacted data by any third party,” Ticketek said. “This is part of our commitment to our customers to take all reasonable steps in response to this incident and to protect our customers’ data.”

Most importantly, Ticketek urges customers to watch out for scams and other social engineering schemes because criminals have begun contacting some Ticketek customers regarding their compromised information.

“We are aware some customers have recently been contacted by a third party regarding the impact to their information,” Ticketek explains. “We continue to recommend our customers utilise the guidance provided on our website Statement Regarding Ticketek Cyber Incident – TEG.

What should impacted customers do?

• Reset your Ticketek account password. Do this also for any other account that uses the same credentials or similar passwords to avoid credential-stuffing attacks and account takeovers. Your new password should be strong (16 characters long) and unique for every online account. If you find password management difficult, consider using Bitdefender Password Manager.
• Regularly check for any updates via official Ticketek channels
• Monitor your accounts for unusual activity or unauthorized access.
• Remain vigilant against scams leveraging exposed information. Handle unsolicited correspondence (emails, direct messages or texts) with care and be wary of any phone calls that require you to provide sensitive information

To assist you in this process, you can rely on Bitdefender Scamio. Scamio is our AI-powered scam detector that acts like your personal scam-busting assistant 24/7.

Whenever you’re unsure about a link, message or proposal, check it with Scamio on WhatsApp, Facebook Messenger or a web browser for free! Copy/paste a text or link, describe the situation, and upload the image or the QR code you want to verify. Scamio will analyze the data and tell you if anyone is trying to scam you.

You can also help all of your friends and family members stay safe by sharing Scamio with them in France, Germany, Spain, Italy, Romania, Australia and the UK.

• Use a digital identity protection service to stay on top of data breaches and leaks, and protect your identity

Here’s how Bitdefender Digital Identity Protection can help:

1. It lets you react immediately to data breaches and other privacy threats. Instant alerts let you take swift action to prevent damage, such as changing passwords.
2. Real-time monitoring. The service continuously scans the internet and dark web for your personal information. You will receive alerts whenever your data is involved in a data breach or leak.
3. Peace of mind. The service immediately flags suspicious activity and actively monitors personal information for peace of mind.
4. Education and awareness. Our educational resources help you understand the evolving threat landscape and how to protect yourself and your loved ones.

Read more about our comprehensive features, here.