Ticketfly homepage defaced following theft of customer data

UPDATE (04/06) According to researcher Troy Hunt, Ticketfly had 26 million records posted publicly following the breach, including email and physical addresses, names, and phone numbers. Site still down as of this morning.

Ticketfly, a popular ticket distribution service for club nights and indie events across North America, has taken its website offline as it investigates a “cyber incident” that resulted in its homepage being defaced and customer data being compromised.

Visitors to the events website last night were greeted with the messages ‘Ticketfly HacKed By IsHaKdZ’ and ‘Your Security Down im Not Sorry’ [sic].

The hacked homepage has how been replaced with a statement from Ticketfly that reads: “Following a series of recent issues with Ticketfly properties, we’ve determined that Ticketfly has been the target of a cyber incident.

“Out of an abundance of caution, we have taken all Ticketfly systems temporarily offline as we continue to look into the issue. We are working to bring our systems back online as soon as possible.”

Following reports that the hacker had successfully obtained files containing sensitive Ticketfly customer data, an update from the company late yesterday confirmed that the breach “has resulted in the compromise of some client and customer information”.

San Francisco-based Ticketfly was acquired by Eventbrite for $200 million last year. The parent company said its systems had not been affected by the hack.

“We’re continuing to investigate the cyber incident and working around the clock to get our systems back up and running,” a Ticketfly spokesperson said.