Events ticketing company Ticketfly has restored its website and the majority of its partner websites after a digital attack last Thursday. The company has now released a statement saying that while personal information for customers was breached, payment information remained secure.
“Last week Ticketfly was the target of a malicious cyber attack,” a Ticketfly spokesperson says in the statement. “In consultation with third-party forensic cybersecurity experts we can now confirm that credit and debit card information was not accessed. However, information including names, addresses, email addresses and phone numbers connected to approximately 27 million Ticketfly accounts was accessed.”
Ticketfly also notes that customer account passwords were not accessed. But, as a precautionary measure, it carried out a force reset for all passwords on June 2nd before bringing systems back online.
The breach was carried out by a hacker called IsHaKdZ. They appeared to have compromised Ticketfly’s webmaster and gained access to a database titled “backstage,” which contains client information for all the venues, promoters, and festivals that utilize Ticketfly’s services. The Ticketfly iOS app, as well as its portal for promoters and analytics / rewards program Fanbase, remain offline.