In July 2024, Central Tickets experienced a major data breach that compromised users’ personal information, including names, emails, phone numbers and more. Hackread.com managed to track the activity of the hacker behind this breach.
In July 2024, London-based discount theatre ticketing platform Central Tickets experienced a significant data breach that compromised the personal information of some of its users. While the breach occurred on July 1, the company only became aware of it in September 2024, when the Metropolitan Police detected “chatter” on the dark web about the stolen data.
The Breach
Central Tickets confirmed that the breach affected a staging database used for testing purposes, which was separate from their main website and app. Although isolated from the main system, this database contained users’ names, email addresses, mobile numbers, and hashed passwords, all of which were accessed by an unauthorized third party.
Upon discovering the incident, Central Tickets promptly reported it to the Information Commissioner’s Office (ICO) within the required 72-hour timeframe, as per GDPR.
Central Tickets also took immediate action by locking down the compromised database, enforcing a forced password reset for all users, and launching an in-depth investigation into the breach.
In an email to affected users, CEO Lee McIntosh expressed regret and issued a formal apology, assuring customers that the company was committed to strengthening its cybersecurity infrastructure to prevent future incidents.
While the number of affected users has not been disclosed, the company warned that individuals could be vulnerable to phishing attempts and urged them to remain vigilant, particularly when receiving suspicious emails, calls, or text messages.
Information Gathered by Hackread.com
The Hackread.com research team tracked the activities of the alleged hacker behind the Central Tickets breach, who goes by the alias 0xy0um0m. Information obtained by Hackread.com suggests that the hacker had access to Central Tickets’ systems on 2 July 2024.
In a post on 2nd July, the hacker attempted to sell Central Tickets data, which included access to the company’s database and infrastructure for $3,000. This offer remains available for sale. In one post on Breach Forums in September 2024, 0xy0um0m leaked the data of 1 million customers and internal data which includes a trove of data including the following:
- Full names
- IP addresses
- Admin logs
- Referral codes
- Email addresses
- Phone numbers
- Password hashes
- Account creation date
- Events attended by customers
and much more…
For users, the takeaway is clear: regular password updates, enabling multi-factor authentication, and remaining cautious about phishing attempts are key to protecting personal information in today’s digital landscape.
Expert Commentary
In a comment to Hackread.com, James Castro-Edwards, Data protection counsel at Arnold & Porter criticised the fact that Central Tickets only became aware of the incident after being notified by the Metropolitan Police in September.
“The delay between the breach taking place and Central Tickets having detected it exposes those affected to a risk of fraud, for instance by phishing attacks,” James warned. “The company urged users to remain vigilant, monitor their accounts closely, and be cautious of any suspicious calls, emails, texts or websites that could be phishing or scams.“
James emphasised that companies “businesses must make sure that they have measures in place to detect cyber incidents and to respond to such incidents promptly.“
Growing Cybersecurity Threats in Ticketing Platforms
This incident is not an isolated event in the ticketing industry. In recent years, online ticketing platforms have become frequent targets for cybercriminals. One of the most notable breaches occurred in May 2024, when Ticketmaster was compromised by hackers who exploited vulnerabilities in a third-party customer support tool, affecting up to 560 million users.
The Central Tickets breach, while less severe than the Ticketmaster hack in terms of scale, shows the need for cybersecurity measures across the ticketing industry. These platforms handle sensitive user information, including payment details, making them lucrative targets for cybercriminals.
RELATED TOPICS
- See Tickets data breach went undetected for 2.5 years
- Indian Ticketing Platform RailYatri Hacked – 31 Million Impacted
- Ticketfly website hacked & offline after hacker leaks customer data
- Hacker Claims TEG Ticket Vendor Breach: 30M User Records for Sale
- Ticketmaster Breach: Hackers Leak 10M ‘Unrefreshable’ Ticket Barcodes
