Ticketmaster breach part of a massive credit card skimming operation, analysis shows

The recent Ticketmaster breach of highly sensitive personal and financial information was part of a massive credit card skimming operation that targeted more than 800 e-commerce sites worldwide, new research has found.

The analysis, released Tuesday by global leader in digital threat management, RiskIQ, concluded the data breach — which was primarily in the U.K. — was conducted by a hacking group dubbed Magecart, which has been operational since at least 2015.

“We can only guess how much payment data they were able to steal, but we suspect they have an immense treasure trove of payment details,” RiskIQ wrote in the report.

According to RiskIQ, Magecart targeted software developed by third-party companies that provide code on websites to improve customer experiences. After the hackers crack and alter the code, they can access every website it runs on, potentially jeopardizing millions of users a day.

Late last month, Live Nation Entertainment subsidiary Ticketmaster admitted a serious data breach had potentially compromised roughly 40,000 of its British and international customers who booked tickets from February 2018 and 23 June 2018. Data stolen included names, email addresses, physical addresses, telephone numbers, Ticketmaster logins, and payment card details.

Analysts noted the startling breach was the latest in a growing trend of massive hacks sweeping up personal data.

Equifax, one of America’s three major consumer credit reporting agencies, announced last year that hackers had stolen highly sensitive personal and financial information of more than 145 million Americans, including Social Security numbers, birth dates, credit card numbers, driver’s license numbers and passport numbers.

Tuesday’s RiskIQ report noted that at least 800 e-commerce sites were suspected to have been affected.

Prior to the publication of the RiskIQ analysis, a Ticketmaster spokesperson was quoted as saying it was “hard to comment” without seeing the report and reiterated earlier comments denying RiskIQ’s findings.