News You Can Use

Report: More than 26 million user accounts breached in Ticketfly hack


Craig Johnson,

Ticketing website Ticketfly remains offline after being hacked last week in a high-profile data breach. It was initially reported that “thousands” of accounts were exposed, but we’re now getting a better sense of just how bad the attack was.

More than 26 million accounts were involved in the hack, according to the site, which keeps track of data breaches.

Report: 26 million Ticketfly accounts hacked

If you’re a Ticketfly customer and use Have I Been Pwned, you may have gotten an email saying the following:

Subject line: You’re one of 26,151,608 people pwned in the Ticketfly data breach

In May 2018, the website for the ticket distribution service Ticketfly was defaced by an attacker and was subsequently taken offline. The attacker allegedly requested a ransom to share details of the vulnerability with Ticketfly but did not receive a reply and subsequently posted the breached data online to a publicly accessible location. The data included over 26 million unique email addresses along with names, physical addresses and phone numbers.

The email links to a report from Motherboard, a tech microsite of, which reported that they communicated with the purported hacker. The May 31 breach became public when Ticketfly’s front page was briefly replaced with artwork depicting a person in a Guy Fawkes mask.

The mask of Fawkes, a 17th century anarchist in England, was popularized in the movie “V for Vendetta” and has become a symbol of the hacking community.

Michael Stenberg@MichaelStenberg

Huh, well shoot. Not every day you see a site as high profile as @ticketfly get taken down. Take your security seriously.

Motherboard reported that in an email conversation, the perpetrator claimed that he had warned Tickefly that its site had a major vulnerability that would allow someone to commandeer its entire database. The hacker shared two emails between himself and Ticketfly employees that appear to back up the allegations, Motherboard said.

“Hi bill i’m the hacker,” Motherboard said the subject line reads in one of the emails. “Your database and your file I have it.”

The hacker also sent Motherboard what he described as personal information of Ticketfly customers and employees. Motherboard said the CSV spreadsheet files appear to contain names, home and email addresses, and phone numbers.

Later that day, Motherboard’s Lorenzo Franceschi-Bicchierai, who writes about cyber security, tweeted that, “Right now, it DOES NOT appear that credit card numbers or passwords were compromised.”

Although it doesn’t seem that financial information was stolen in this incident, it is a major data breach nonetheless. Here is what you can do if you feel your information has been compromised.

Ticketfly data breach: What you can do to protect yourself

Ticketfly is directing customers to the webpage, which says this:

As many of you are aware, has been the target of a cyber incident. In consultation with leading third-party forensic and cybersecurity experts, we are in the process of bringing the Ticketfly ticketing system back online with the security of our clients and fans top of mind. We are grateful for the outpouring of support our community has shown us while we continue to work through this cyber incident, and appreciate your continued patience as we bring the systems back online. We will update information on this page as appropriate.

Money expert Clark Howard says the #1 way to protect your financial information is by following this two-pronged approach:

  1. Sign up for a or to get free credit monitoring and be notified when anyone tries to access your personal info. Here’s a step-by-step rundown of how to do it.
  2. Freeze your credit at the three major credit-reporting bureaus. Here’s an in-depth guide on how to contact Equifax, TransUnion and Experian to freeze your accounts.

In addition, if you had a Ticketfly account, you should immediately change the passwords on any accounts tied the same email address tied to your Ticketfly account and always employ 2-factor authentication, when possible.

Share on Facebook
Share on Twitter