Ticketing website Ticketfly was the target of a major data breach Thursday in which the site was hacked and its front page was briefly replaced with artwork depicting a person in a Guy Fawkes mask, according to Motherboard, a tech microsite of Vice.com.
The mask of Fawkes, a 17th century anarchist in England, was popularized in the movie “V for Vendetta” and has become a symbol of the hacking community.
Ticketfly confirmed that it suffered a “cyber incident,” leading to the company having to shut down its website and put up a landing page (which was still up as of this writing) that said this:
Following a series of recent issues with Ticketfly properties, we’ve determined that Ticketfly has been the target of a cyber incident. Out of an abundance of caution, we have taken all Ticketfly systems temporarily offline as we continue to look into the issue. We are working to bring our systems back online as soon as possible. Please check back later.
On Twitter, Ticketfly posted this message: “Following recent site issues, we determined that Ticketfly has been the target of a cyber incident. To protect our clients and fans, and to secure the website and related data, we have temporarily taken all Ticketfly systems offline. We’ll keep you updated.”
To make matters worse, the hacker reportedly sent Motherboard what he described as personal information of Ticketfly customers and employees. According to Motherboard, the CSV spreadsheet files number in the thousands and appear to contain names, home and email addresses, and phone numbers.
Motherboard reported that in an email conversation, the perpetrator claimed that he had warned Tickefly that its site had a major vulnerability that would allow someone to commandeer its entire database. The hacker shared two emails between himself and Ticketfly employees that appear to back up the allegations, Motherboard said.
“Hi bill i’m the hacker,” Motherboard said the subject line reads in one of the emails. “Your database and your file I have it.”
If you’ve used Ticketfly in the past, you may want to pay close attention to your account as more information becomes known about this incident. Motherboard’s Lorenzo Franceschi-Bicchierai, who writes about cyber security, tweeted that, “Right now, it DOES NOT appear that credit card numbers or passwords were compromised.”
Money expert Clark Howard says the #1 way to protect your financial information is by following this two-pronged approach:
- Sign up for a CreditKarma.com or CreditSesame.com to get free credit monitoring and be notified when anyone tries to access your personal info. Here’s a step-by-step rundown of how to do it.
- Freeze your credit at the three major credit-reporting bureaus. Here’s an in-depth guide on how to contact Equifax, TransUnion and Experian to freeze your accounts.