Ticketfly Shuts Down Temporarily After Hacker Infiltrates Site
Ticketfly, a ticket distribution service, has temporarily shut down after discovering a "cyber incident," the company has revealed. Any attempts to access the Ticketfly website result in a message advising visitors of the event; the rest of the service is unavailable. The hacker had replaced the website's with a new picture and a warning.
Yesterday night, some Ticketfly visitors were greeted by a black website background with a Guy Fawkes characters in the middle and two messages. The first message read, "Ticketfly HacKeD By isHaKdZ" and the second message read, "Your Security Down im Not Sorry." There was also a Yandex email address and a threat about having access to a database with info on venues and more.
Check the homepage. pic.twitter.com/KPDu6PsjIJ
— Michael Stenberg (@MichaelStenberg) May 31, 2018
The company has since regained control of the website; it removed the digital vandalism and put up the message shown below:
The company states that it is investigating the incident and has taken its system offline "out of an abundance of caution." Anyone planning to attend events that were using Ticketfly to distribute tickets are advised to check with the event's own social media accounts for updates. Multiple other Ticketfly domains were also compromised.
The hacker threatens, "Next time I will publish database "backstage". [database wordpress]." Ticketfly published a tweet about the incident, but it is merely a condensed version of the notice published on the service's website. The company hasn't revealed whether the hacker did manage to steal a database nor which information, if any, has been compromised.
Though official details are still missing, Motherboard reports that it received files from the hacker and that they contain customer and employee data. The publication engaged in an email conversation with the hacker who claimed to have gotten control of "all database" belonging to Ticketfly.
The hacker also reportedly warned Ticketfly about a security issue and offered to disclose it to them for the sum of 1 Bitcoin. However, Ticketfly allegedly never responded. Files acquired by the hacker reportedly contain data on customers and employees that include home addresses, email addresses, phone numbers, and names. The files haven't yet been confirmed as valid.