Hackers leak barcode data for Taylor Swift tickets

Ticketmaster says it uses dynamic barcodes that refresh every few seconds

Fans of Taylor Swift were concerned about disruption to concerts after hackers allegedly linked to the ShinyHunters group claimed to have obtained barcode data for hundreds of thousands of tickets to highly anticipated Eras Tour.

The extortionists, operating under the name Sp1d3rHunters, posted samples of the data on an online forum, including ticket details for Swift's shows in Miami, Indianapolis, and New Orleans.

The group further claimed it possessed barcodes for 30 million additional tickets to other major concerts and sporting events. Hackers are now demanding $2 million from Ticketmaster to prevent further leaks.

"Pay us $2million USD or we leak all 680M of your users information and 30million more event barcodes including: more Taylor Swift events, P!nk, Sting, Sporting events F1 Formula Racing, MLB, NFL and thousands more events," reads the extortion demand by hackers.

Ticketmaster, however, downplayed the threat. The company said its ticketing technology uses dynamic barcodes that refresh every few seconds, rendering the stolen static data useless for gaining entry to an arena.

"Ticketmaster's SafeTix technology protects tickets by automatically refreshing a new and unique barcode every few seconds so it cannot be stolen or copied," Ticketmaster told BleepingComputer.

"This is just one of many fraud protections we implement to keep tickets safe and secure."

Cybersecurity experts agreed with the statement, saying the leaked information wouldn't allow anyone to recreate a valid barcode.

"This data is almost certainly not sufficient to allow someone to recreate a barcode to get in," Don Smith, vice-president at the cybersecurity firm Secureworks, told The Guardian.

"If you're running events of the size and scale of the Eras tour, you are not going to make it easy for someone to just get access to a database and then be able to create a fake ticket."

While ShinyHunters did gain access to ticket data for nine upcoming shows across three US cities, Smith believes it won't disrupt the tour.

"If the thought here was that you're going to create absolute chaos on all future Eras tour dates, I don't think so," he said.

Ticketmaster denies engaging with the extortionists, refuting claims of a $1 million ransom offer.

This isn't the first cyberattack targeting Swift's tour. In February, hackers breached Australian ticketing company Ticketek, compromising Eras tour tickets.

The latest leak comes on the heels of a larger breach earlier this year, where ShinyHunters allegedly accessed Ticketmaster's data through a third-party contractor, compromising information for around 560 million customers. Ticketmaster confirmed the breach in a filing with the US Securities and Exchange Commission in May, after hackers began selling data for $500,000.

The company said the data was stolen from their Snowflake account.

ShinyHunters has a history of large-scale data breaches, targeting firms like AT&T and even leaking millions of phone numbers used for multi-factor authentication. Earlier this year, Seattle's US District Court sentenced a 22-year-old member of the group to three years in prison for his role in a massive hacking campaign targeting over 60 companies.

Live Nation, Ticketmaster's parent company, has faced mounting criticism in recent months. The US Department of Justice filed an antitrust lawsuit against them, while fans remain frustrated by the chaotic Eras Tour ticket sales process.