Ticketmaster has had a data breach and is being extorted for $US500,000, the details of how this happened is still unknown.
Over 500million customer globally and 1.3 terabytes of customer data possessed by Ticketmaster including names, addresses, credit card numbers, phone numbers and payment details is up for sale.
Considering the sheer scale of the breach and the relatively low extortion amount, several theories about the breach’s origin are emerging:
- Disgruntled Past Employee: The breach could be an act of revenge by a former employee who believes they were unfairly compensated or treated. Such insider threats can pose a significant risk, as they often have intimate knowledge of a company’s systems and vulnerabilities.
- Beginner Cyber Attacker: While less likely given the sophistication required to execute such a large-scale breach, the possibility remains that a novice hacker looking for a quick financial windfall is responsible.
- Sophisticated Cybercriminal Group: The most probable scenario involves a well-organized and experienced cybercriminal group with the resources and technical expertise to carry out such a complex attack.
How many breaches will need to occur before people understand that Risk is not “it might happen” and realise Risk means “it is going to happen sometime in the future”. Risk always happens its just a matter of which comes first, the risk event or you leaving the company.
For companies that don’t want to be hacked, I’d suggest reaching out to Vertex Cyber Security for consultation or a cyber audit from Vertex to find those Risks that are waiting to happen.
