More than half a million Ticketmaster users woke to the news they may have had their personal information compromised.
It’s the latest cyber attack to hit a major company.
And for many of us, we may be wondering what we need to do to protect ourselves from hackers and scammers.
So, we spoke to cybersecurity experts to run us through a few simple things you can do.
Did Ticketmaster have a data breach?
Notorious hacker group ShinyHunters claimed to have stolen the personal data of 560 million Ticketmaster customers.
Stan Gallow, BDO forensic services partner and former police detective specialising in tech and cyber fraud, told ABC radio Brisbane around 2 million Australians were affected.
“If you are a subscriber to Ticketmaster then you need to assume you have been breached and should start taking the appropriate precautions,” Mr Gallow said.
The compromised data, amounting to 1.3 terabytes, reportedly includes:
- Names
- Addresses
- Credit card numbers — last four digits and expiry date
- Phone numbers
- Payment details
ShinyHunters is threatening to sell the information online for $US500,000 ($750,000).
A spokesperson from the Department of Home Affairs told the ABC it was “working with Ticketmaster to understand the incident”.
It then directed further enquiries to Ticketmaster.
But we’re still waiting for Ticketmaster to respond to the data breach.
How did my data get breached?
We won’t know that until Ticketmaster speaks on the situation.
“ShinyHunters have historically gone by creating phishing pages of websites to essentially make it look like a Ticketmaster employee login page and then stealing credentials through there,” associate professor of cyber security studies at Macquarie University Jeffrey Foster says.
“But this doesn’t mean they did it that way this time.”
What will happen to the data?
Mr Foster says if Ticketmaster chooses not to pay the ransom, the data is likely to be sold online and distributed across the dark net for “nefarious activities”.
If this were to happen, Cybercriminals would be able to use the data to commit identity theft and fraudulent credit applications.
They might also be able to use the personal information to gain victim’s trust in phishing attacks.
How do I know if I’ve been affected by a data breach?
Check for updates from the hacked company
Cybertrace CEO Dan Halpin says you should watch for email notifications from the company or on social media.
“Ticketmaster may notify affected users directly, so keep an eye on any communications from them,” Mr Halpin says.
It’s a good idea to check your junk inbox.
If you’ve got other old email addresses you barely use anymore, it wouldn’t hurt to check those as well just in case you used them to sign up for services in the past.
Check for unusual banking activity
“If you start seeing unusual bank activity, contact your bank immediately and cancel your cards,” Mr Foster said.
“Go through and figure out what credit cards you use, in this case with Ticketmaster, and have that number cancelled and replaced.”
You should also look out for unexpected bills or notices for services you didn’t sign up for, Mr Halpin says.
Check if your number or emails have been caught up in breaches
Mr Foster and Mr Halpin recommend heading to the HaveIBeenPwned website.
Here, you’ll be able to check to see if your mobile number and email address have appeared in recorded data breaches.
It’ll instantly tell you if your details have been exposed in known unintentional breaches or pastes — where information has been posted to a public website.
But you have to subscribe if you want to see if you’re caught up in sensitive breaches.
The website is operated by Australian security professional Troy Hunt, who maintains a database of known leaked data.
“All the stuff you leave online might one day be out there in the public domain,” Mr Hunt told ABC radio Melbourne.
“And in terms of the Ticketmaster hack, the gut feeling at the moment is that we need to take it seriously, but we do need to hear from them first.”
Get a copy of your credit report
Credit reports allow you to check if someone has tried to apply for credit in your name — for example, taking out a car loan.
ID Care, a not-for-profit charity which describes itself as Australia’s national identity and cyber support service, says:
You are entitled to one free credit report every three months through the official Australian credit reporting agencies.
Here’s where you can go to request your credit history:
- Equifax: provides a free report once every three months
- illion: doesn’t charge for free credit reports. All you need to do is create a free account
- Experian: provides a free report once every three months
ID Care recommends going through each of the three agencies to make sure you don’t miss anything.
But, if a personal theft event just happened, it says to wait a week before applying for the credit report.
Pay attention if you lose mobile phone signal unexpectedly
Look out for SIM jacking — which is where scammers trick mobile phone service providers to give them access to a phone number they don’t own.
“If someone has stolen your phone number they can get access to all your multi-factor authentication,” Ms Foster said.
“So make sure to immediately call your phone company, lock down all your accounts and change your passwords.”
What should I do if I think I have been hacked?
Here are some measures you can take to protect yourself.
Lock down your credit report
“Placing a ban on your credit report can help prevent new accounts from being opened in your name,” Mr Halpin says.
This means that credit reporting agencies can’t share your information with any credit providers unless they are required to do so by law.
But keep in mind placing a short-term freeze can make it difficult to apply for credit yourself during the set period.
You can head to Equifax, illion and Experian to activate a credit ban.
Change your passwords
If you’ve been using the same password for everything, now’s the time to stop.
Create unique and secure passwords for every service.
You can use a password manager to help manage your accounts and avoid keeping digital records of them in email or in computer files.
Use multi-factor authentication where you can
The Australian Cyber Security Centre describes multi-factor authentication as using two or more different actions to confirm your identity after entering your password to log into an account
For example, receiving an authentication code in a text message, or having to enter a specific code generated on a dedicated authenticator app.
“Think of adding [multi-factor authentication] to your account like adding a house alarm that requires a PIN to deactivate,” the centre’s website said.
“It provides you with an extra layer of protection from cybercriminals trying to break in.
“Even if they break through one layer (for example, by guessing your password), they still need to break a second barrier to access your account.”
Who do I contact if my data has been breached?
Mr Halpin recommends contacting the following organisations:
- Australian Cyber Security Centre (ACSC): Offers guidance and support
- ID Care: Support service that can provide advice for applying for your identity documents to be replaced
- Your bank or financial institution: Can try to safeguard your financial accounts
- Credit reporting agencies: Monitor and protect your credit report
- Local law enforcement: File a report to document the incident. This is necessary to replace your drivers license or other state issued identity documents
And Ticketmaster — if your data has been leaked.
Loading…
Posted , updated