Ticketmaster logo

Ticketmaster hackers release stolen ticket barcodes for Taylor Swift Eras Tour [updated]

The cybercriminals who claimed responsibility for the Ticketmaster data breach say they’ve stolen 440,000 tickets for Taylor Swift’s Eras Tour.

As proof, an entity using the handle Sp1d3rHunters, a merger of Sp1d3r and ShinyHunters who are both aliases associated with the breach, leaked 170k barcodes for free for Taylor Swift’s ERAS Tour.

In a post on the infamous stolen data site BreachForums, Sp1d3rHunters is offering many thousands of tickets for upcoming Taylor Swift concerts in three cities in the US: Miami, New Orleans, and Indianapolis.

Sp1d3rHunters offering free Taylor Swift tickets
Post by Sp1d3rHunters

The post includes a link to a free tutorial on how to make your own printable barcode tickets.

It also includes a threat to Ticketmaster:

“Pay us $2million USD or we leak all 680M of your users information and 30million more event barcodes including:

more Taylor Swift events, P!nk, Sting, Sporting events F1 Formula Racing, MLB, NFL and thousands more events.”

This is the second release of data from the breach, after the cybercriminals–then posting under the name Sp1d3r–gave away one million records including full details (name, address, email, and phone) of Ticketmaster customers.

For Ticketmaster, the release of free Taylor Swift tickets could turn out to be a costly affair. It’s not just the value of the tickets that’s at stake. The company will also need to reissue the tickets to their rightful owners, as well as no doubt deal with more than the expected number of visitors to those concerts, leading to the need to employ extra security staff. All that and we’ve not yet touched on the reputational damage, which already is substantial but is likely to grow even more.

Even though it may be tempting, we would advise against trying to use these “free tickets.” Given the timeframe until the events, Ticketmaster should have enough time and opportunity to invalidate the stolen tickets, and you are likely to receive exactly what you paid for: nothing.

Swifties should also be wary of phishing attempts that will undoubtedly try to capitalize on the news that “free tickets” are available.

Update July 7, 2024

Sp1d3rHunters claims to have leaked another 30K+ tickets for main events.

The leaked tickets allegedly are for events inlcuding:

  • P!NK: Summer Carnival 2024 (Multiple cities)
  • Aerosmith: PEACE OUT The Farewell Tour – (10+ cities)
  • Chris Brown – The 11:11 Tour
  • Neil Young – Crazy Horse – Love Earth Tour July 08
  • Alanis Morissette – The Triple Moon Tour – July 13
  • Red Hot Chili Peppers: Unlimited Love Tour – July 17
  • Bruce Springsteen and The E Street Band 2024 Tour
  • USHER: Past Present Future
  • Pearl Jam
  • Sammy Hagar
  • Stevie Nicks
  • Steve Miller Band
  • Cirque du Soleil

Check your exposure

While matters are still unclear how much information was involved, it’s likely you’ve had other personal information exposed online in previous data breaches. You can check what personal information of yours has been exposed with our Digital Footprint portal. Just enter your email address (it’s best to submit the one you most frequently use) to our free Digital Footprint scan and we’ll give you a report.


We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

ABOUT THE AUTHOR

Pieter Arntz

Malware Intelligence Researcher

Was a Microsoft MVP in consumer security for 12 years running. Can speak four languages. Smells of rich mahogany and leather-bound books.