Hackers are threatening to leak barcode data for hundreds of thousands of Taylor Swift’s Eras tour tickets unless Ticketmaster pays millions in ransom.
The hacking group shared samples of the data on an online forum, revealing ticket information for Swift’s shows in Indianapolis, Miami, and New Orleans. The data reportedly included values for scannable barcodes, seat information, ticket face values, and instructions for creating usable barcodes.
Fans hoping to use hacked tickets to attend Taylor Swift’s world tour will be disappointed, as the stolen information won’t grant access to events.
“This data is almost certainly not sufficient to allow someone to recreate a barcode to get in.If you’re running events of the size and scale of the Eras tour, you are not going to make it easy for someone to just get access to a database and then be able to create a fake ticket,” said Don Smith, vice-president at the cybersecurity firm Secureworks.
The ransom posts on the online forum were made by the hacking group ShinyHunters, using an account seemingly linked to them called Sp1d3rHunters. They also claimed to have an additional 30 million barcodes for other high-profile concerts and sporting events.
“Pay us $2million USD or we leak all 680M of your users information and 30million more event barcodes including: more Taylor Swift events, P!nk, Sting, Sporting events F1 Formula Racing, MLB, NFL and thousands more events,” the threat actor wrote.
Ticketmaster refuted claims of offering money to the hackers and stated that the hackers hadn’t contacted the company regarding the ransom. In a statement from parent company Live Nation Entertainment, Ticketmaster assured that their ticketing technology prevents the use of leaked barcodes by refreshing them every few seconds.
More specifically, Ticketmaster’s mobile app employs dynamic barcodes, which change frequently, rendering the static data from the hack useless for entry.
“Ticketmaster’s SafeTix technology protects tickets by automatically refreshing a new and unique barcode every few seconds so it cannot be stolen or copied,” Ticketmaster explained. “This is just one of many fraud protections we implement to keep tickets safe and secure.”