The ticket issue service "Ticketfly" which was hijacked by the website and requested 1 bit coin stops the service
We offer online ticketing serviceTicketflyWas hacked on May 31, 2018, and the content of the website was rewritten. Ticketfly temporarily stops the service in order to deal with problems and secure customer data.
Hacker Defaces Ticketfly's Website, Steals Customer Database - Motherboard
https://motherboard.vice.com/en_us/article/mbk3nx/ticketfly-website-database-hacked-data-breach
Ticketfly Website Offline After Hack - Variety
https://variety.com/2018/digital/news/ticketfly-hack-1202826638/
The screen of Ticketfly's top page after tampering can not be confirmed by stopping the service, but the screen shot of the screen is released on Twitter by the user who accessed it immediately after tampering. On the screen after tampering, a hacker honoring IsHaKdZ hacked Ticketfly, and a message stating "Your security has gone down, I do not think it is bad," a hacker's contact email address was stated I understand this. Moreover, although it is missing in this image, it says that a message that can be taken as a threat of "to disclose the contents of the database next" is described under the mail address.
Check the homepage.pic.twitter.com/KPDu6PsjIJ
- Michael Stenberg (@ Michael Stenberg)May 31, 2018
Ticketfly grasping this situation stops the service. After that, a spokesperson from the company said, "Ticketfly has become a target of cyber crime, so we are temporarily taking the Ticketfly system off line, investigating problems and prioritizing security of customer data. We will do our utmost to work the system again in cooperation with the security organizations of the three parties. "
MotherboardReporters are in contact with IsHaKdZ via e-mail, and hackers have been shown to Ticketfly "Requesting 1 bit coin in exchange for vulnerability information details". IsHakdZ has released data that is said to have been obtained from the database of Ticketfly to this reporter and includes items such as "name", "e-mail address", "telephone number", etc. that are considered to be customer data, details of employees There seems to be a spreadsheet with information recorded. Although the authenticity of the data is not certain, it has been confirmed that some of the contents of the data matched the actual one.
Ticketfly's service is still stopped at the time of article creation and the top page says "Ticketfly judged that it was a target of cyber crime and temporarily taken off the line of Ticketfly's system for investigation I am trying to bring the system back online as soon as possible. For specific events please check the social media account of the venue and promoter. "
Related Posts:
in Web Service, Security, Posted by darkhorse_log