Ticketmaster has become the latest high-profile company to suffer a significant data breach, impacting a staggering 560 million customers worldwide. Among the affected are 2 million Australian customers, raising serious concerns about data security and the measures companies are taking to protect personal information.
In a recent interview on ABC Newcastle's Drive Home, Robert Buck, Managing Director of Diamond IT, discussed the breach with Paul Culliver, shedding light on what this means for individuals and the broader implications for data security.
The hacker group ShinyHunters successfully infiltrated Ticketmaster's systems with the aim of extorting money. They obtained a massive 1.3 terabytes of personal data, including:
This data has been used to hold Ticketmaster ransom, demanding $500, 000 USD to prevent the release of this sensitive information.
Buck explained that ShinyHunters, like other "black hat hackers," operate as an organised group with a code of ethics of sorts. They aim to extort funds rather than immediately release stolen data on the dark web. At this stage, there is no indication that the compromised data has been distributed. However, it's crucial to remain vigilant as this situation evolves.
When we hear about data being stolen, it often means that a copy of the data has been made. Buck emphasised the inherent risk in sharing personal and credit card information, acknowledging that trusting large organisations with our data has become a societal norm. However, he advocates for adopting a "zero trust" approach, urging individuals to exercise caution each time they share their personal details.
*Tip* - using a separate debit card to link to online services, instead of your sole credit card can help limit potential financial damage from third party data breaches.
The government is increasingly pressuring businesses to safeguard customer data. Jeffrey Foster, Associate Professor of Cyber Security Studies at Macquarie University, noted that if Ticketmaster refuses to pay the ransom, the data is likely to be sold online and distributed on the dark web for "nefarious activities." This could lead to "identity theft, fraudulent credit applications, and phishing attacks as cybercriminals exploit the stolen information."
Companies are mandated to protect customer data, and failing to do so can severely damage their reputation and result in legal penalties. The onus is on Ticketmaster to comply with data privacy regulations and take immediate action to mitigate the breach's impact.
Typically, after a data breach, phishing attacks increase significantly, so it's crucial to stay vigilant and watch for suspicious emails and messages. If you have a Ticketmaster account, it's essential to take proactive steps:
Data breaches are a stark reminder of the importance of cyber security. By staying informed and adopting a cautious approach, individuals can better protect their personal information in an increasingly digital world.
To listen to the full interview, as featured on ABC Newcastle's Drive Home with Paul Culliver (at 5.05pm), click here.
Diamond IT can help you ensure your technology, policy and staff education programs align with best practice to protect you from the ever-evolving cyber threat landscape. Our Business Technology Consultants and Business Technology Managers (BTMs) are specialists in improving your internal cyber security.
If you need advice on how you can ensure your cyber security strategy is fit for purpose our team of cyber security experts are ready to help. Contact our team on 1300 307 907 today.