Ticketmaster has confirmed that the massive 2024 data breach was far worse than initially reported, with 680 million user records compromised — including payment card data for 120 million customers.
What Was Stolen
- Names, email addresses, and phone numbers for 680 million users
- Hashed passwords (older bcrypt and some SHA-1)
- Partial credit card data for 120 million users
- Order history and event attendance records
Forced Password Reset
Ticketmaster is requiring all users to reset passwords by May 1, 2026. Accounts that do not reset will be locked. The company recommends enabling two-factor authentication on all accounts.
Legal Consequences
Multiple class action lawsuits are pending, with attorneys seeking $5 billion in damages. The FTC has launched a formal investigation into Ticketmasters parent company Live Nations security practices.
