Ticketfly

Eventbrite-owned ticket distribution service Ticketfly has taken its website offline today after a hacker defaced its frontpage and stole a part of its customer database.

The hack has taken place late yesterday night (US timezones), on May 30. At that time, users trying to purchase tickets reported that the Ticketfly website was showing a defacement message with the now infamous "V for Vendetta" character, the symbol of the Anonymous hacker collective.

"Ticketfly HacKeD By IsHaKdZ," read the website, and "Your Security Down im Not Sorry."

User data briefly available online

Ticketfly admins did eventually discover the hack, but before they took down the defacement message and put the site in maintenance mode, a user also noticed that many CSV files containing user data were also freely accessible via one of the site's URLs.

Since then, that URL has been taken down, and the data is not accessible anymore. Furthermore, Ticketfly replaced the original maintenance message with one admitting to the hack (image above).

"Following a series of recent issues with Ticketfly properties, we've determined that Ticketfly has been the target of a cyber incident," the message now available on Ticketfly's homepage reads.

"Out of an abundance of caution, we have taken all Ticketfly systems temporarily offline as we continue to look into the issue. We are working to bring our systems back online as soon as possible. Please check back later."

The site's abrupt downtime caused issues with bars and event organizers selling tickets through the Ticketfly service. Users can't buy tickets either, as all Ticketfly servers are now down.

Hacker asking for a 1 Bitcoin ransom

The hacker behind the Ticketfly defacement and database theft is named IsHaKdZ. Zone-H, a website that archives site defacements includes entries attributed to this nickname going back as far as 2010, albeit it is unclear if it's the same hacker or someone who is misusing an older pseudonym.

IsHaKdZ also left an email address on the defaced website, but the hacker did not respond to a request for comment on the hack before this article's publication.

But the hacker did reply to a CNET reporter, revealing that he asked Ticketfly to pay a 1 Bitcoin ransom to not release the site's data online. Ticketfly did not confirm the ransom demand.

UPDATE [June 3, 05:15 ET]: TicketFly is still down. The company has published a page with more information. In the meantime, the size of the leaked data has been revealed to be of over 26 million user accounts.

Related Articles:

Hackers Stole a Third of Singapore's Healthcare Data, Including Prime Minister's

5 Examples of How Cheating in Fortnite Gets You Infected

Database Ransom Attacks Hit CouchDB and Hadoop Servers

California Voter Database Compromised in MongoDB Incident

Weight Watchers IT Infrastructure Exposed via No-Password Kubernetes Server