Ticket distribution service Ticketfly was hacked by a culprit who took responsibility for defacing the company's homepage with a message citing poor security as the reason for not apologizing.
The hacker, reported to be IsHaKdZ, aka ThE HaCkEr, originally hacked the website and flagged their success with the image of the V for Vendetta protagonist. That image has since been removed, but the attack remains an issue for Ticketfly, whose website is still down.
The current landing page states, "Out of an abundance of caution, we have taken all Ticketfly systems temporarily offline as we continue to look into the issue. We are working to bring our systems back online as soon as possible. Please check back later."
Claiming to have exploited a vulnerability that allowed them to take control of "all database" for Ticketfly and its website, the hacker reportedly asked for 1 bitcoin in exchange for the details, according to Motherboard. Infosecurity Magazine has reached out to Ticketfly, but it has not responded. It appears the company is sharing very little information at this point.
"A Ticketfly spokesperson declined to respond when asked whether the hacker had gotten in touch with the company," Motherboard wrote.
According to The Verge, "A spokesperson for the company reiterated it was the target of a cyber incident, but was unable to comment on whether anyone’s personal information was breached, saying, 'The security of client and customer data is our top priority. We are working tirelessly, and in coordination with leading third-party forensic experts, to get our clients back up and running.'”
A global company, Ticketfly is one of the first victims of a major security incidents post-GDPR. "While the company hasn’t confirmed a breach of customer data has occurred, at face value the hacker’s claim – that he/she managed to access their database via an unpatched vulnerability or misconfiguration – is well within the realm of possibility," said Sanjay Beri, CEO, Netskope.
"We’ve seen this time and time again with organizations failing to properly secure their data, resulting in the exposure of massive datasets on the web. Now the real question is, if a breach did occur, did the database include any PII belonging to EU citizens? If the answer is yes, this situation could escalate quickly.”