30 Million Ticketek Customer Details Allegedly for Sale on a Hacking Forum

Written by Lore Apostol
Published on June 24, 2024

A threat actor is advertising a new set of data on a popular hacking forum, this time allegedly stolen from the Australia-based live events and ticketing company TEG (Ticketek Entertainment Group). The data trove reportedly includes the details of some 30 million customers.

A hacker known as Sp1d3r posted the sale announcement complete with samples on Thursday, claiming the information includes full names, genders, dates of birth, usernames, email addresses, and hashed passwords, as well as customer IDs and other internal details – but no credit card information, as transactions are handled by a separate payment system.

This coincides with the disclosure of a data breach from TEG-owned ticketing company Ticketek, which notified its customers on May 31, with the Australian company saying the cyberattack impacted customers’ data “stored in a cloud-based platform, hosted by a reputable, global third-party supplier.

The company confirmed that names, dates of birth, and email addresses from its customer database may have been affected but declared customer accounts were not compromised.

There was no mention of Snowflake connections. However, the same cybercriminal was also selling an alleged 3TB of data from automotive aftermarket parts provider Advance Auto Parts obtained from a breach of the company's Snowflake account.

The number of affected companies using Snowflake environments wasn’t disclosed until recently when incident response firm Mandiant said approximately 165 companies may have had their data stolen through the use of leaked credentials of Snowflake customer accounts without multi-factor authentication (MFA), which were exposed via several info-stealer malware variants.

Earlier this month, Sp1d3r was also selling data allegedly belonging to customers, partners, and employees of cybersecurity company Cylance for $750,000, including 34 million customer, prospect, and employee emails. 

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: