Ticketfly.com is back online a week after being hacked, as are "the vast majority" of its venue and promoter websites. But the ticketer is now confirming reports that personal data from 27 million users was accessed by the hacker. At least some of that data has already been posted online.
No credit card information was accessed according to Ticketfly. But names, addresses, email addresses and phone numbers connected to approximately 27 million Ticketfly accounts were accessed by the hacker.
As part of bringing the service back on online, Ticketfly forced a reset for all passwords of all ticket buyers and venue/promoter clients
Ticketfly, which is owned by Eventbrite, was hacked before 6 AM ET last Thursday and a ransom demanded. Ticketfly, whose clients include 1200 top venues and promoters, also maintained the site of many of its cleints. Offline and unable to sell tickets over a busy spring concert weekend were sites including IMP Promotions, a major DC area promoter, its flagship venues The Anthem and Merriweather Post Pavillion, and the site of major Chicago promoter Jam Productions. All are now back online.
The full statement from a Ticketfly spokesperson:
"Last week Ticketfly was the target of a malicious cyber attack. In consultation with third-party forensic cybersecurity experts we can now confirm that credit and debit card information was not accessed. However, information including names, addresses, email addresses and phone numbers connected to approximately 27 million Ticketfly accounts was accessed. Upon first learning about this incident we took swift action to secure the data of our clients and fans. We take privacy and security very seriously and regret any disruption this has caused. We’re extremely grateful for the patience and support of the Ticketfly community."