Ticketfly

Eventbrite-owned ticket distribution service Ticketfly has taken its website offline today after a hacker defaced its frontpage and stole a part of its customer database.

The hack has taken place late yesterday night (US timezones), on May 30. At that time, users trying to purchase tickets reported that the Ticketfly website was showing a defacement message with the now infamous "V for Vendetta" character, the symbol of the Anonymous hacker collective.

"Ticketfly HacKeD By IsHaKdZ," read the website, and "Your Security Down im Not Sorry."

User data briefly available online

Ticketfly admins did eventually discover the hack, but before they took down the defacement message and put the site in maintenance mode, a user also noticed that many CSV files containing user data were also freely accessible via one of the site's URLs.

Since then, that URL has been taken down, and the data is not accessible anymore. Furthermore, Ticketfly replaced the original maintenance message with one admitting to the hack (image above).

"Following a series of recent issues with Ticketfly properties, we've determined that Ticketfly has been the target of a cyber incident," the message now available on Ticketfly's homepage reads.

"Out of an abundance of caution, we have taken all Ticketfly systems temporarily offline as we continue to look into the issue. We are working to bring our systems back online as soon as possible. Please check back later."

The site's abrupt downtime caused issues with bars and event organizers selling tickets through the Ticketfly service. Users can't buy tickets either, as all Ticketfly servers are now down.

Hacker asking for a 1 Bitcoin ransom

The hacker behind the Ticketfly defacement and database theft is named IsHaKdZ. Zone-H, a website that archives site defacements includes entries attributed to this nickname going back as far as 2010, albeit it is unclear if it's the same hacker or someone who is misusing an older pseudonym.

IsHaKdZ also left an email address on the defaced website, but the hacker did not respond to a request for comment on the hack before this article's publication.

But the hacker did reply to a CNET reporter, revealing that he asked Ticketfly to pay a 1 Bitcoin ransom to not release the site's data online. Ticketfly did not confirm the ransom demand.

UPDATE [June 3, 05:15 ET]: TicketFly is still down. The company has published a page with more information. In the meantime, the size of the leaked data has been revealed to be of over 26 million user accounts.

Related Articles:

Pentagon Data Breach Exposes up to 30,000 Travel Records

Unwiped Drives and Servers from NCIX Retailer for Sale on Craigslist

British Airways Loses Customer Payment Card Data in Breach

Cracked Logins of 570,000 Mortal Online Players Sold On Forums

Data of 130 Million Chinese Hotel Chain Guests Sold on Dark Web Forum