A Dutch e-ticketing network witnessed a data breach. The whereabouts came to be known after a customer’s database containing 1.9 million unique email addresses was stolen from an unprotected staging server.
This Ticketcounter is a Dutch e-electronic platform which provides many facilities to its customers regarding tickets such as online tickets venue for parks, zoos, museums, and for various other events.
On 21st February 2021, the malicious actors created a topic on a hacker forum to sell a hacked database of Ticketcounter but after some time they shut down the post.
At first, it was believed that the threat actors had to remove their post because of the watchful eyes of the Netherlands Police however, in a conversation with the press – the attackers told that they are not afraid of law enforcement, they just did that when the database was sold privately.
As per the inquiry, it has been observed that from the stolen database, the sensitive credential has been exposed including full names, IP addresses, phone numbers, email addresses, and hashed passwords.
The whole incident of the data breach has been confirmed by the Ticketcounter owner to the press.
“In what should be a model of transparency, Ticketcounter CEO Sjoerd Bakker has told. We copied a database to a Microsoft Azure server to test an 'anonymization process' that replaces personal data with fake data. Unfortunately, after copying the database, it was not secured properly, and the threat actor was able to download it”.
Bakker added, “Shortly after the threat actor was selling the database, the hacker also contacted Ticketcounter and demanded seven bitcoins, or approximately $337,000, not to leak the data. The threat actor warned that if Ticketcounter did not make a payment, they would contact all of Ticketcounter's partners to alert them of the breach”.
The Ticketcounter already contacted its clients and shared the information that has been hacked. “The Ticketcounter is creating various resources for his clients to facilitate these data breach notifications. These include lookup widgets, FAQs, and email templates that clients can share with customers to learn about the breach” Bakker told.