News | International
13 Jul 2024 19:06
NZCity News
NZCity CalculatorReturn to NZCity

  • Start Page
  • Personalise
  • Sport
  • Weather
  • Finance
  • Shopping
  • Jobs
  • Horoscopes
  • Lotto Results
  • Photo Gallery
  • Site Gallery
  • TVNow
  • Dating
  • SearchNZ
  • NZSearch
  • RugbyLeague
  • Make Home
  • About NZCity
  • Contact NZCity
  • Your Privacy
  • Advertising
  • Login
  • Join for Free

  •   Home > News > International

    Investigators have revealed how hackers allegedly stole Ticketmaster data. Realistically, will they be punished?

    Only one person from the nefarious hacking syndicate responsible for Ticketmaster's data breach has ever been convicted for cyber crime. What are the chances anyone goes to jail over this latest hack?

    An international hacking syndicate is allegedly responsible for stealing millions of customer records in cyber attacks on Pizza Hut, an Indonesian e-commerce site and now, Ticketmaster.

    Only one member has ever been prosecuted over the group's activities.

    Sebastien Raoult was a French citizen living in Morocco when he caught the attention of authorities for his involvement with the ShinyHunters hacking group in 2022.

    During the course of four years, ShinyHunters stole 200 million customer records from more than a dozen companies when authorities caught up with Raoult.

    He was extradited to the US for his involvement with the group, and was ordered to pay $7.5 million in restitution.

    ShinyHunters persist

    ShinyHunters latest claimed hit in May was on Ticketmaster, and reportedly included names, addresses, credit card numbers (the last four digits and expiry date), phone numbers and payment details.

    About 2 million Australians were potentially impacted, and ShinyHunters threatened to sell the information online for $750,000. 

    An investigation from Google-owned security firm Mandiant detailed how the attack likely played out.

    Mandiant said they were first notified through "threat intelligence" that a customer's credentials had been compromised through the cloud storage facility Snowflake.

    "During this investigation, Mandiant determined that the organisation's Snowflake instance had been compromised by a threat actor using credentials previously stolen via infostealer malware," the company said.

    "The threat actor used these stolen credentials to access the customer's Snowflake instance and ultimately exfiltrate valuable data."

    Snowflake stores and analyses customer databases and information for businesses around the world — including Ticketmaster.

    A month later, only one arrest

    ShinyHunters group announced the arrest of one of its administrators shortly after one of its forums were seized by the federal bureau, following an investigation into the hack.

    "We regret to inform you that administrator Baphomet (our "space cowboy"), has been arrested, leading to the seizure of pretty much all of our infrastructure by the FBI," the group posted.

    "At this point, the future of our forum remains uncertain. No members of ShinyHunters have been arrested. We are currently waiting for further confirmations from our staff, and we will keep you updated with any new announcements in this channel."

    However, the FBI said it could not comment about any potential arrest and declined to say whether anyone had been taken into custody in relation to the hack.

    Will anyone be arrested over the Ticketmaster hack?

    Australia has recently had some wins on the cybersecurity front in the last two years, making several arrests as part of Operation Nebulae and Operation Hurricane between the AFP and state police forces.

    Nebulae resulted in the arrest of five people in Australia in April, and 32 overseas, after an investigation into the platform LabHost, where criminals would trick victims into providing their online banking logins, credit card details and passwords through persistent phishing attacks.

    Hurricane was the result of an investigation into a 2022 hack on Optus, where the data of 9.8 million former and current customers were stolen. 

    Both operations required significant work and collaboration between interstate and international policing agencies, and Dr Nigel Phair from Monash University said these kinds of prosecutions were often few and far between.

    He said chances of an arrest over the Ticketmaster hack was "virtually nil".

    "Australian police have arrested and charged a very small proportion of cyber criminals, this is disappointing as there are so few cyber investigations which take place," he said.

    "In reality, all Australia can do is to disrupt the activities of cyber criminals in an effort to drive cyber criminals to commit their exploits against other jurisdictions."

    Dr James Martin from Deakin University agreed.

    "I wouldn't put any money on it," he said.

    "Police are really doing everything they can, but when they're faced with jurisdictional problems, there's not much they can do.

    "It's possible, but it would be a very, very outside chance."

    Dr Martin said cybercriminals were often in countries that had fractured relationships with the West, and if they were responsible for an attack it could be difficult getting international cooperation to prosecute them.

    He said governments often did use the tools they had at their disposal, but for hackers in countries such as Russia or China, it was difficult to get an arrest.

    "I think there really is a crisis going on here," Dr Martin said.

    "We hear about Medibank and Ticketmaster and these really big data breaches, but they are actually the minority.

    "When you look at the fastest growing crime and the crimes that inflict the most economic damage in Australia, it's cyber crime and all the trends are going the wrong way.

    "It's not just Australia that's impacted … we don't really have a good response to it because none of our traditional justice systems, arrests or prosecutions — we don't get any deterrent value out of any of that stuff.

    "If you're in Moscow, you couldn't care less about what the AFP are doing."

    Dr Phair, who is an analyst in technology and crime, said Australian authorities could do a lot more to address rising rates of cybercrime.

    "Firstly we need organisations to undertake a competent risk management exercise with respect to the data they hold, we need individuals to better protect their personal information, and we need our law enforcement agencies to commit much more resources to investigating cyber crimes," he said.

    The federal government is yet to hand down its report into the capability of law enforcement to respond to cybercrime, but it has so far received 38 submissions.

    Ticketmaster has been contacted for comment.

    © 2024 ABC Australian Broadcasting Corporation. All rights reserved

     Other International News
     13 Jul: Meta lifts restrictions on Donald Trump's Facebook and Instagram accounts
     13 Jul: Wimbledon finalist Novak Djokovic hints Nick Kyrgios may make US Open comeback
     13 Jul: Joe Biden reassures supporters 'I'm OK' as Democrats remain split over US election prospects
     13 Jul: A contaminated cooking oil scandal in China has provoked outrage and raised fears over safety
     13 Jul: How 'The Rascals' of Melrose Park Football Club have taken their traumatic journey and turned it into a positive
     13 Jul: It took 14 years, but British Labour was finally elected. What took them so long?
     13 Jul: How the US-built pier to get aid into Gaza was supposed to work — and why it didn't
     Top Stories

    Any sign of uncertainty from England over the All Blacks' game plan has disappeared, heading into tonight's second test at Eden Park More...

    ew electric passenger trains have arrived in Auckland - with more due over the next few weeks More...

     Today's News

    Khloe Kardashian admitted she "probably" would have tried Ozempic when she was trying every other fad diet 19:04

    Kiwi wing trimmer Blair Tuke has revealed that planning the optimal build-up for the big SailGP finale has been tricky 18:57

    Accident and Emergency:
    Chances of finding any survivors from a Nepal landslide are fading 18:37

    Queen Camilla has named a dog working for a charity after her grandson 18:34

    A clutch home win for the Northern Mystics in the ANZ netball Premiership 18:07

    Bob Odenkirk believes being "oddly earnest" led to him losing out on the lead role in 'The Office' 18:04

    Kris Jenner has hinted she might get married when she turns 70 next year 17:34

    Law and Order:
    A judge has called a Waikato man a coward, after punching his 30-week pregnant partner 17:27

    Prince William "truly" believes homelessness can be "ended" 17:04

    The struggling Southern Steel netball side are searching for a new coach 16:57

     News Search

    Power Search

    © 2024 New Zealand City Ltd