HomesecurityEuropean e-ticketing platform suffered a data breach

European e-ticketing platform suffered a data breach

The Dutch platform e-ticketing Ticketcounter suffered infringement data, after an unauthorized user stole a database users containing 1,9 million addresses e-mail from an unprotected staging server.


Ticketcounter is an e-ticketing platform that allows customers, such as zoos, parks, museums and events, provide online tickets.

On February 21, a cyber criminal created a topic in one hacking forum for the sale of the stolen base data of Ticketcounter. However, a little later, he removed the post.

Initially, it was said that hacker took out the ad because he was afraid it might be noticed by her Dutch Police. However, the scammer told BleepingComputer that he was not afraid of the police but removed the ad, because the Ticketcounter database was sold privately.

According to some samples of the database seen by BleepingComputer, the exposed items may include: full names, addresses e-mail, phone numbers, IP addresses and hashed passwords.


E-ticketing Ticketcounter platform confirmed the breach

Ticketcounter confirmed the violation data. The CEO of the e-ticketing platform, Sjoerd Bakker, stated that there was no proper protection of the staging server and that a cyber criminal managed to download the database with the data of users.

Bakker said shortly after the post about the sale of the database, the hacker also contacted Ticketcounter and asked for seven Bitcoin, or about $ 337.000, to prevent data from being leaked. The criminal said that if Ticketcounter did not give him the cryptocurrencies, he would contact all the partners of the platform to inform them about the data breach.

However, the Ticketcounter had already informed all customers on about infringement and stolen data. As the actual ticket buyers are customers of Ticketcounter customers, each customer of the platform notifies buyers of the breach.

The e-ticketing platform facilitates these breach alerts with lookup widgets, FAQs and e-mail templates that her clients can share with their clients to report the breach.

Since he did not receive Bitcoin, the hacker posted the database to a hacking forum.

data breach

Those who are concerned about their details can submit their email to Have I Have Pwned to see if the data they have leaked.

Source: Bleeping Computer

Digital Fortress
Digital Fortress
Pursue Your Dreams & Live!