Ticketmaster Data Breach Exposes Sensitive PII

On June 26, 2024, Ticketmaster LLC disclosed a significant data breach that affected 250 people residing in Texas. The breach was discovered on May 23, 2024, and involved unauthorized access to a cloud database hosted by a third-party data services provider. The unauthorized activity occurred between April 2, 2024, and May 18, 2024.

The exposed consumer information includes:

• Name of individual
• Address
• Driver’s License number
• Government-issued ID number (e.g., passport, state ID card)
• Financial Information (e.g., account number, credit or debit card number)
• Date of Birth

The severity of the breach is underscored by the sensitive nature of the data exposed. The breach was facilitated by unauthorized access to a cloud database, highlighting vulnerabilities in third-party data management systems.

Ticketmaster's Response

Ticketmaster LLC has taken several steps to address the breach. The company has been diligently investigating the incident with the assistance of outside experts. They have contacted and are cooperating with federal law enforcement authorities. Technical and administrative measures have been implemented to enhance the security of their systems and customer data. These measures include rotating passwords for all accounts associated with the affected cloud database, reviewing access permissions, and deploying increased alerting mechanisms in the environment.

Steps for Affected Individuals

If you are affected by this data breach, it is crucial to take the following steps to protect yourself:

1. Monitor Your Accounts: Regularly review statements from your accounts and periodically obtain your credit report from one or more of the national credit reporting companies. You can obtain a free copy of your credit report online at Annual Credit Report, by calling toll-free 1-877-322-8228, or by mailing an Annual Credit Report Request Form to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA, 30348-5281.
2. Place a Credit Freeze: You have the right to put a security freeze on your credit file, so no new credit can be opened in your name without the use of a Personal Identification Number (PIN). This can be done by contacting all three major consumer reporting agencies:
1. Equifax
2. Experian
3. TransUnion

1. Set Up Fraud Alerts: Place an initial or extended fraud alert on your file at no cost. An initial fraud alert lasts one year and requires businesses to verify your identity before extending new credit. Contact any one of the credit reporting agencies to set this up.
2. Sign Up for Identity Monitoring: Ticketmaster is offering identity monitoring with TransUnion at no cost. This service will monitor your personal data on the dark web and provide you with alerts for one year from the date of enrollment if your personally identifiable information is found online. You can sign up for this service by clicking the following link: TransUnion Sign-Up.
3. Be Vigilant Against Phishing Attempts: Be mindful of phishing attempts such as emails from unknown senders or those that contain unusual content, such as links or attachments, or being asked to provide personal information over the phone.

For more details on the data breach disclosure, you can visit the Texas Attorney General's website and the California Attorney General's website.