Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.

Taylor Swift’s Tour at Risk: Hacker Demands $2 Million from Ticketmaster for 170k Stolen Barcodes

Pietro Melillo : 5 July 2024 19:24

A cyber incident has hit Ticketmaster, with a malicious actor issuing a ransom demand, threatening to release sensitive data unless a payment of $2 million USD is made.

The hacker claims to possess 170,000 barcodes related to Taylor Swift’s ERAS tour events, along with a vast amount of additional data, including user information and barcodes for numerous other events.

Ransom Details and Compromised Tickets

According to the cybercriminal, the compromised barcodes include tickets for Taylor Swift’s concerts on the following dates and locations:

  • October 18, 2024, Miami – 20,000 tickets
  • October 19, 2024, Miami – 20,000 tickets
  • October 20, 2024, Miami – 23,000 tickets
  • October 26, 2024, New Orleans – 16,000 tickets
  • October 27, 2024, New Orleans – 16,000 tickets
  • October 28, 2024, New Orleans – 18,000 tickets
  • November 01, 2024, Indianapolis – 18,000 tickets
  • November 02, 2024, Indianapolis – 17,000 tickets
  • November 03, 2024, Indianapolis – 18,000 tickets

In a statement, the hacker threatens to release all 680 million user records and 30 million additional event barcodes if Ticketmaster does not comply with the ransom demand. The additional barcodes reportedly include more Taylor Swift events, as well as tickets for other high-profile events featuring artists like P!nk and Sting, and sporting events such as Formula 1, MLB, and NFL.

Reactions and Verification

At this time, we cannot confirm the veracity of the breach, as the organization has yet to release any official statement on its website regarding the incident. Therefore, this article should be considered as an ‘intelligence source’.


The possible cyber attack on Ticketmaster represents a significant risk to user data security and raises questions about the vulnerability of online ticket sales platforms. It remains to be seen how Ticketmaster will respond to this threat and what measures will be taken to prevent such incidents in the future.

The situation will be closely monitored, as the repercussions of a potential data leak could be significant for both users and the events and entertainment industry.

As is our custom, we always leave space for a statement from the company if they wish to provide us with updates on the matter. We will be happy to publish such information in a specific article highlighting the issue.RHC will monitor the development of the situation in order to publish further news on the blog, should there be substantial updates. If there are individuals with knowledge of the facts who wish to provide information anonymously, they can use the whistleblower’s encrypted email.

Pietro Melillo
Head of the Dark Lab group. A Computer Engineer specialised in Cyber Security with a deep passion for Hacking and technology, currently CISO of WURTH Italia, he was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM, carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio, as a Ph.D, author of scientific papers and development of tools to support cybersecurity activities. Leads the CTI Team "RHC DarkLab"