← Back to incidents

Incident · Cyber Criminals

Live Nation Entertainment, Inc. · LYV

Communication ServicesUSAIncident May 20, 2024Filed May 31, 2024
Impact score
Business continuity
Insurance involved
Not disclosed
Filing
8-K · 8.01

Breach taxonomy

Cyber CriminalsData ExfilSupply ChainPersonal DataInfo Privacy Loss

Summary

On May 20, 2024, Live Nation Entertainment identified unauthorized activity within a third-party cloud database environment (Snowflake) containing data primarily from its Ticketmaster subsidiary. On May 27, 2024, a criminal threat actor offered the alleged company user data for sale on the dark web. Approximately 560 million Ticketmaster users' personal data was reportedly exposed, including names, addresses, phone numbers, and partial payment card information. Law enforcement and regulatory authorities were notified. Filed under Item 8.01; company determined the incident would not have a material impact on operations or financial condition.

Tagging rationale

ThreatCyber Criminals

Filing explicitly states 'a criminal threat actor offered what it alleged to be Company user data for sale via the dark web' → CYBER-CRIMINALS.

MethodsData ExfilSupply Chain

Data was actively exfiltrated from a third-party cloud database environment (Snowflake), a vendor platform, and subsequently listed for sale on the dark web → DATA-EXFIL + SUPPLY-CHAIN.

AssetsPersonal Data

Unauthorized access to a third-party cloud database environment containing Ticketmaster user data, reportedly affecting approximately 560 million users' personal information → PERSONAL-DATA.

EffectsInfo Privacy Loss

User personal data was exfiltrated and offered for sale on the dark web; no operational disruption confirmed → INFO-PRIVACY-LOSS.

Impact

Approximately 560 million Ticketmaster user records exfiltrated including personal and partial payment data; one of the largest breaches of 2024 by record count, though the company deemed it non-material → score 4.

InsuranceNot disclosed

Filing makes no mention of insurance → null.

Read the original SEC filing excerpt
Item 8.01 Other Events. On May 20, 2024, Live Nation Entertainment, Inc. (the Company or we) identified unauthorized activity within a third-party cloud database environment containing Company data (primarily from its Ticketmaster L.L.C. subsidiary) and launched an investigation with industry-leading forensic investigators to understand what happened. On May 27, 2024, a criminal threat actor offered what it alleged to be Company user data for sale via the dark web. We are working to mitigate risk to our users and the Company, and have notified and are cooperating with law enforcement. As appropriate, we are also notifying regulatory authorities and users with respect to unauthorized access to personal information. As of the date of this filing, the incident has not had, and we do not believe it is reasonably likely to have, a material impact on our overall business operations or on our financial condition or results of operations. We continue to evaluate the risks and our remediation efforts are ongoing.
View SEC filingBack to database

More in Communication Services

Unknown · February 3, 2025

Lee Enterprises, Incorporated

On February 3, 2025, Lee Enterprises experienced a systems outage when threat actors accessed the network, encrypted critical applications,

Cyber Criminals · April 14, 2024

AT&T Inc.

Between April 14 and April 25, 2024, threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and exfiltrated cal

Cyber Criminals · April 14, 2024

Frontier Communications Parent, Inc.

On April 14, 2024, Frontier Communications detected that a cybercrime group had gained unauthorized access to portions of its IT environment