Taylor Swift Eras Tour: Hacker Leaks 440,000 Tickets and Raises Ransom Demand

Along with Taylor Swift Eras Tour tickets, the group reportedly possesses around 30 million passes to other events.

A hacking group known as ShinyHunters – thought to be responsible for a recent Ticketmaster data breach impacting half a billion people – is now claiming to have unlawfully obtained 440,000 tickets to Taylor Swift’s Eras Tour. 

According to a post on BreachForums, the group has also upped its initial ransom demand from around $1 million to $8 million after reassessing the damage leaking such data could do to Ticketmaster.

Along with Taylor Swift Eras Tour tickets, the group reportedly possesses around 30 million additional tickets for more than 65,000 events, plus a slew of sensitive customer information including emails.

The Eras Tour Ticket Leak

In May 2024, a hacking group known as ShinyHunters initially demanded a $500,000 ransom from LiveNation, the company that owns Ticketmaster, after it claimed to have access to the records of 560 million users. 

Then, in June, the company sent out a data breach notification to the Office of the District Attorney of Maine, confirming that the hack was real.

Surfshark logo🔎 Want to browse the web privately? 🌎 Or appear as if you're in another country?
Get a huge 86% off Surfshark with this special tech.co offer.See deal button

However, it now appears that the breach is wider-reaching – and significantly more serious – than first thought. 

“To celebrate the fourth of July, we present to you 440K Taylor Swift Eras game tickets” the group said in a recent BreachForums post, ominously adding that the singer would be “going to congress” instead of performing due to their successful attack. 

According to Hackread, the total value of the tickets stolen is an eye-watering $22 billion – which has led ShinyHunters to up its ransom demands to $8 million. The value of the additional 30 million tickets extracted from Ticketmaster systems, on the other hand, is thought to be around $4.6 billion.

What Data Do The Hackers Have?

Sometimes, with a hack of this size, the data actually exfiltrated from the company in question’s system is only semi-sensitive, or only useful when paired with other data. 

However, there seems to be an enormous range of data taken from Ticketmaster’s systems, if the hackers are indeed in possession of everything they claim to have. 

According to the post, ShinyHunters has obtained 980 million sales orders, order details relating to 680 million individual orders, 1.2 billion party lookup records, over 400 million email addresses, and millions of records from address verification systems. 

The group also says partial details relating to 400 million encrypted credit cards have also been exfiltrated from Ticketmaster’s system. 

ShinyHunters say that their theft amounts to “the largest publicly disclosed non-scrape breach of customer PII (personally identifiable information) of all time”.

What Should You Do if You’ve Been Impacted

As described in the breach notification letter referenced earlier on in this article, Ticketmaster recommends customers “remain vigilant and take steps to protect against identity theft and fraud, including monitoring your accounts, account statements, and free credit reports for signs of suspicious activity.”

The company has also revealed that it is offering a year’s worth of identity monitoring services via Transunion, at no cost to the customer – although you have to enroll within 90 days of receiving the data breach notification. 

We’d advise anyone who thinks they may have been impacted by this breach to take advantage of this offer and take even more precautions than usual when it comes to assessing the legitimacy of email correspondence.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
Aaron Drapkin is Tech.co's Content Manager. He has been researching and writing about technology, politics, and society in print and online publications since graduating with a Philosophy degree from the University of Bristol six years ago. Aaron's focus areas include VPNs, cybersecurity, AI and project management software. He has been quoted in the Daily Mirror, Daily Express, The Daily Mail, Computer Weekly, Cybernews, Lifewire, HR News and the Silicon Republic speaking on various privacy and cybersecurity issues, and has articles published in Wired, Vice, Metro, ProPrivacy, The Week, and Politics.co.uk covering a wide range of topics.
Explore More See all news
Back to top
close Building a Website? We've tested and rated Wix as the best website builder you can choose – try it yourself for free Try Wix today