Live Nation Says It Was Victim of Cyber Attack, “Criminal Threat Actor” Selling Alleged User Data

Live Nation appears to be the victim of a cyber attack.

The Ticketmaster owner says that earlier this month it “identified unauthorized activity within a third-party cloud database environment containing Company data… and launched an investigation with industry-leading forensic investigators to understand what happened.”

More from The Hollywood Reporter

The company says the breach was primarily in its Ticketmaster subsidiary. A source familiar with the matter says that the issue was with a third-party server hosted by the cloud computing company Snowflake.

To make matters worse, the company says that it appears data is being offered for sale on the dark web.

“On May 27, 2024, a criminal threat actor offered what it alleged to be Company user data for sale via the dark web,” the company wrote in the SEC filing. “We are working to mitigate risk to our users and the Company, and have notified and are cooperating with law enforcement. As appropriate, we are also notifying regulatory authorities and users with respect to unauthorized access to personal information.”

Live Nation says it does not believe the incident will have a material impact on its business for the time being.

The apparent hack caps off a difficult month for the live event, concert, and ticketing giant. Last week the Department of Justice filed an antitrust suit against the company, seeking to break it up.

Media and entertainment companies are frequent targets of cyber attacks (Roku said that hundreds of thousands of accounts were breached earlier this year), with credit card information and personal data of consumers at their disposal, and a high-profile presence.

It is not clear who the Live Nation “criminal threat actors” are, or what they were seeking, beyond some user data that they could resell on the black market.

Best of The Hollywood Reporter