Breach taxonomy
Summary
On May 20, 2024, Live Nation Entertainment identified unauthorized activity within a third-party cloud database environment (Snowflake) containing data primarily from its Ticketmaster subsidiary. On May 27, 2024, a criminal threat actor offered the alleged company user data for sale on the dark web. Approximately 560 million Ticketmaster users' personal data was reportedly exposed, including names, addresses, phone numbers, and partial payment card information. Law enforcement and regulatory authorities were notified. Filed under Item 8.01; company determined the incident would not have a material impact on operations or financial condition.
Tagging rationale
ThreatCyber Criminals
Filing explicitly states 'a criminal threat actor offered what it alleged to be Company user data for sale via the dark web' → CYBER-CRIMINALS.