Entertainment giant Live Nation has confirmed its ticketing subsidiary Ticketmaster has been hacked.
Live Nation confirmed the data breach in a legally required filing with government regulators late on Friday after the markets closed.
In its statement, Live Nation said it “identified unauthorized activity within a third-party cloud database environment containing Company data.”
The company did not name the third-party cloud database. Amazon Web Services hosts much of Live Nation and Ticketmaster’s infrastructure, according to a since-removed customer case study on Amazon’s website.
Live Nation said the breach occurred on May 20, and that a cybercriminal on May 27 “offered what it alleged to be Company user data for sale via the dark web.” The company did not say who the personal information belongs to, though it’s believed to relate to customers.
A spokesperson for Live Nation did not immediately return a request for comment Friday from TechCrunch or over the past few days. It’s not clear why it took the company more than a week to publicly disclose the breach.
Earlier this week, the administrator of a since-revived popular cybercrime forum called BreachForums claimed to be selling the personal information of 560 million customers, including the alleged personal information of Ticketmaster customers, along with ticket sales and customer card information.
Until now, Live Nation had not commented on the alleged data breach. Earlier this week, Australian authorities confirmed it was assisting Live Nation with a cybersecurity incident, and U.S. cybersecurity agency CISA deferred comment to Live Nation.
TechCrunch on Friday obtained a portion of the allegedly stolen data containing tens of thousands of records, and through a series of checks, TechCrunch verified on Friday that the records we checked belong to Ticketmaster customers.
Earlier in May, the Department of Justice and 30 attorneys general sued Live Nation to break up the ticketing conglomerate, accusing Live Nation of monopolistic practices.
This story is developing. More soon…