Published: July 27, 2024 on our newsletter Security Fraud News & Alerts Newsletter.
In a recent and massive Ticketmaster data breach, which you have probably heard of, 560 million customers had their data stolen. The hacker known as Sp1d3r posted the PII of one million breach victims for free after Ticketmaster refused to pay the $500,000 demand for the return of the hijacked data.
According to the post by hacker Sp1d3r, the blame for posting the hefty cache of PII freebies rests squarely on Ticketmaster not caring for the “privacy” of its customers. Notorious hacking group ShinyHunters claimed responsibility for the breach, offering the entire 1.3 terabytes of stolen data for sale on BreachForums for a $500,000 price tag.
Who Really Pays?
Ticketmaster’s total revenue last year was estimated at more than $22 billion, leaving many to wonder why the company refuses to pay the hacking group’s demand. Ticketmaster’s parent company, Live Nation, was also affected by the breach. The data stolen from Ticketmaster customers is a treasure trove of PII including names, phone numbers, email and physical addresses, payment card numbers, and expiration dates.
When a data breach of any size demands the affected organization pay up or risk exposing the data, remember, the FBI recommends never paying a ransom demand as it only encourages further attacks. Below are a few steps business administrators can take surrounding a data breach.
Create a data breach response team. A team responds quickly to the breach, often limiting the damage from a cyberattack.
Learn what data was compromised. Depending on the organization, the stolen data can range from sensitive company information to customer data and everything in between.
Notify those affected by the breach and consider offering free credit monitoring. That way, victims can monitor their own data, limiting their exposure and vulnerability.
Require all employees, customers, and vendors use two-factor authentication (2-FA). Implementing additional identity verification adds a layer of security.
Implement employee cybereducation. Since employees are often the first and line of defense against attackers, an educated staffer can stop a breach before it starts.
Whether the stolen info involves sensitive organization documents or risks exposing customer data, having a breach plan in place before a cyberattack happens is always the best response. Remember, a small business is still a target for cyberattacks and the cost of a data breach to one of them costs a lot more than the price of a concert ticket.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at advisor@nadicent.com
Comments