Ticketmaster Breach

A new leak tied to the Ticketmaster cyberattack has been uploaded, claiming to be a 1 million record sample of the stolen data. The file we’re publishing today is unverified and, at this stage, contains only email addresses and phone numbers. Threat actors have repeatedly insisted that the full dataset is far larger, allegedly encompassing hundreds of millions of Ticketmaster customers worldwide.   
The Ticketmaster breach itself first came to light in mid-2024, when the group ShinyHunters began advertising access to over 560 million customer records on cybercrime forums. At the time, the dataset was described as including names, contact details, payment card fragments, and purchase histories. Security researchers later linked the intrusion to compromised Snowflake-hosted accounts that attackers were able to exploit to harvest data at scale.   
Ticketmaster has acknowledged “unauthorized access” but has avoided specifics on record counts or data types. This lack of clarity leaves consumers guessing-and fuels the market for so-called sample leaks meant to prove the legitimacy of the breach.   
Even if partial, the exposure of emails and phone numbers alone carries risk. Attackers can weaponize these details for targeted phishing, SMS scams, and account takeover attempts. For users, the safest assumption is that their data may already be circulating in underground markets.   
We are sharing the unverified close to 1M-record sample to support public verification and research efforts. If you were a Ticketmaster customer and find your details in this leak-or have additional evidence about the full dataset-we encourage you to reach out to us at contact@databreach.com. Your input will help confirm the true scope of one of the largest consumer breaches to date.