Earlier this week, a cybercriminal group posted an alleged database up for sale online which, it says, contains customer and card details of 560 million Live Nation/Ticketmaster users.

The data was offered for sale on one forum under the name “Shiny Hunters”. ShinyHunters is the online handle for a group of notorious cybercriminals associated with numerous data breaches, including the recent AT&T breach.

The post says:

“Live Nation / Ticketmaster

Data includes

560 million customer full details (name, address, email, phone)

Ticket sales, event information, order details

CC detail – customer last 4 of card, expiration date

Customer fraud details

Much more

Price is $500k USD. One time sale.”

The same data set was offered for sale in an almost identical post on another forum by someone using the handle SpidermanData. This could be the same person or a member of the ShinyHunters group.

According to news outlet ABC, the Australian Department of Home Affairs said it is aware of a cyber incident impacting Ticketmaster customers and is “working with Ticketmaster to understand the incident.”

Some researchers expressed their doubts about the validity of the data set:

Thoughts on the alleged Ticketmaster Data Breach

TLDR: Alert not Alarmed

The Ticketmaster data breach claim has provided BreachForums with the quick attention they need to boost their user numbers and reputation.

The claim has possibly been over-stated to boost… pic.twitter.com/WJsFkBfQbw

— CyberKnow (@Cyberknow20) May 29, 2024

While others judged it looks legitimate based on conversations with involved individuals, and studying samples of the data set:

Today we spoke with multiple individuals privy to and involved in the alleged TicketMaster breach.

Sometime in April an unidentified Threat Group was able to get access to TicketMaster AWS instances by pivoting from a Managed Service Provider. The TicketMaster breach was not…

— vx-underground (@vxunderground) May 30, 2024

Whether or not the data is real remains to be seen. However, there’s no doubt that scammers will use this opportunity to make a quick profit.

Ticketmaster users will need to be on their guard. Read our tips below for some helpful advice on what to do in the event of a data breach.

You can also check what personal information of yours has already been exposed online with our Digital Footprint portal. Just enter your email address (it’s best to submit the one you most frequently use) to our free Digital Footprint scan and we’ll give you a report.

All parties involved have refrained from any further comments. We’ll keep you posted.

Protecting yourself after a data breach

There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

• Check the vendor’s advice. Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer.
• Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
• Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
• Watch out for fake vendors. The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify the identity of anyone who contacts you using a different communication channel.
• Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
• Consider not storing your card details. It’s definitely more convenient to get sites to remember your card details for you, but we highly recommend not storing that information on websites.
• Set up identity monitoring. Identity monitoring alerts you if your personal information is found being traded illegally online, and helps you recover after.

---

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

Mastercard is integrating AI into its fraud-prediction technology that it expects will be able to see patterns in stolen cards faster and allow banks to replace them before they are used by criminals.

The post Using AI, Mastercard Expects to Find Compromised Cards Quicker, Before They Get Used by Criminals appeared first on SecurityWeek.

Communications hijacking, also known as “conversation hijacking,” has emerged as a significant threat to organizations worldwide. This form of cyberattack involves unauthorized interception or redirection of communication channels, leading to data breaches, financial loss, and damage to an organization’s reputation. Real-time incident response is a critical strategy in mitigating the risks associated with conversation hijacking […]

The post The Role of Real-Time Incident Response in Mitigating Conversation Hijacking Attacks appeared first on BlackCloak | Protect Your Digital Life™.

The post The Role of Real-Time Incident Response in Mitigating Conversation Hijacking Attacks appeared first on Security Boulevard.

Russian-speaking threat actors are caught abusing a GitHub profile to distribute information stealers posing as legitimate software.

The post Threat Actors Abuse GitHub to Distribute Multiple Information Stealers appeared first on SecurityWeek.

The FCC has issued a public notice on robocall scammer group ‘Royal Tiger’, the first designated threat actor.

The post FCC Warns of ‘Royal Tiger’ Robocall Scammers appeared first on SecurityWeek.

UnitedHealth Group has given an update on the February cyberattack on Change Healthcare, one of its subsidiaries. In the update, the company revealed the scale of the breach, saying:

“Based on initial targeted data sampling to date, the company has found files containing protected health information (PHI) or personally identifiable information (PII), which could cover a substantial proportion of people in America.”

UnitedHealth also announced support for affected people.

On Wednesday February 21, 2024, Change Healthcare experienced serious system outages due to the cyberattack. The incident led to widespread billing outages, as well as disruptions at pharmacies across the United States.

The attack on Change Healthcare, which processes about 50% of US medical claims, was one of the worst ransomware attacks against American healthcare and caused widespread disruption in payments to doctors and health facilities.

Despite the ongoing investigation, which expectedly will take several more months of detailed analysis, UnitedHealth said it had decided to immediately provide support. The company says it continues to monitor the regular web and the dark web for any published data.

The chief executive of UnitedHealth Group, Andrew Witty, is expected to testify in Congress in May about the matter. Meanwhile the company says it has made strong progress restoring services impacted by the event and is prioritizing the restoration of services that impact patient access to care or medication.

Affected people can visit a dedicated website at changecybersupport.com to get more information, or call 1-866-262-5342 to set up free credit monitoring and identity theft protection.

Protecting yourself from a data breach

There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

• Check the vendor’s advice. Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer.
• Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
• Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
• Watch out for fake vendors. The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify any contacts using a different communication channel.
• Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
• Set up identity monitoring. Identity monitoring alerts you if your personal information is found being traded illegally online, and helps you recover after.

Check your digital footprint

Malwarebytes has a new free tool for you to check how much of your personal data has been exposed online. Submit your email address (it’s best to give the one you most frequently use) to our free Digital Footprint scan and we’ll give you a report and recommendations.

---

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection

The German Federal Office for Information Security (BSI) has published a report on The State of IT Security in Germany in 2023, and the number one threat for consumers is… identity theft.

The thing is, you can protect your devices and your online privacy as much as possible, but what happens when some organization which you have trusted with your personal information gets breached?

The report states:

“For consumers, the issue of data leaks was prominent in the reporting period (2023). In many cases, these were related to ransomware attacks, in which cybercriminals exfiltrated large amounts of data from organizations in order to later threaten to publish it unless a ransom or hush money was paid.“

In addition to data breaches, there is the danger of information stealers that allow cybercriminals to obtain various types of personal data, such as login details for various online services, and financial information. The stolen data may also include website cookies and biometric data that can be used by criminals to defraud the victim.

Cybercriminals are also getting better at using these data. For example, the report mentions that on one of the largest underground marketplaces for identity data, cybercriminals offered interested parties a browser plug-in that made it possible to import stolen credentials directly into the web browser, allowing criminals to assume the victim’s digital identity with just a few clicks.

We’ve previously talked about the dangers of data brokers that, by trading and buying, are accumulating massive troves of personal data. Now, with the mass availability of Artificial Intelligence tools, it becomes so much easier to correlate all these data sets and piece together a complete profile of everyone affected.

As you can see, it’s usually not the victim’s fault that their data become available to cybercriminals. In many cases, there isn’t even that much that they could have done about it. Some services simply are not available in the offline world anymore, and we have no choice than to trust an organization with our information.

So, all we can do is make sure we come prepared to act when a data breach affects us, and keep an eye on how much we share and how much others will be able to find out about us.

What to do in the event of a data breach

• Check the vendor’s advice. Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer.
• Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
• Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
• Watch out for fake vendors. The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify any contacts using a different communication channel.
• Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
• Set up identity monitoring. Identity monitoring alerts you if your personal information is found being traded illegally online, and helps you recover after.

Digital Footprint scan

If you want to find out how much of your own data is currently exposed online, you can try our free Digital Footprint scan. Fill in the email address you’re curious about (it’s best to submit the one you most frequently use) and we’ll send you a report.

---

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using Malwarebytes Identity Theft Protection.