Concert promoter Live Nation says it is investigating a cyber attack at its Ticketmaster unit, days after experts urged customers to change their passwords.
Hackers are allegedly offering to sell customer data on the dark web.
The US entertainment giant said it had discovered “unauthorised activity” on 20 May in a third-party cloud database that mostly contained Ticketmaster data.
Live Nation added that “a criminal threat actor offered what it alleged to be company user data for sale via the dark web” on 27 May.
It comes a few days after a little-known cybercrime group named ShinyHunters reportedly said it had stolen user data of more than 500 million customers of the online ticket sales platform.
The hackers are reportedly demanding around $500,000 (£400,000) in a ransom payment to prevent the data being sold.
The breach has not had and is unlikely to have a material impact on Live Nation’s business, the company stated.
Customers were urged by experts to change their passwords after the hacking claims emerged.
The Times reported names, addresses, emails, phone numbers and the partial credit card details from Ticketmaster were being offered for sale online.
ShinyHunters posted samples of the information on a hacker forum while asking $500,000 for a “one-time sale”, the publication added.
Live Nation did not mention ShinyHunters in its filing with the US Securities and Exchange Commission.
The firm said: “We are working to mitigate risk to our users and the company, and have notified and are cooperating with law enforcement.
“As appropriate, we are also notifying regulatory authorities and users with respect to unauthorised access to personal information.
“We continue to evaluate the risks and our remediation efforts are ongoing.”
Authorities in Australia and the US are reportedly talking to Ticketmaster to understand and respond to the incident.
