TicketClub Italy database leaked. Threat actors hosted the data on the darknet. Further complications like targeted phishing campaigns may follow...
TicketClub, an Italy-based corporation that supplies coupons for offline purchases, suffered a breach that led to the hosting of their database on Darknet. It is a mobile-based company serving clients like McDonald’s, Rainbow Magicland, Burger King, etc.
Threat actor with the alias bl4ckt0r hosted the TicketClub Italy database with about 340,957 users for sale on the Darknet on July 19, 2021, and revealed some data to confirm the breach. At first, RaidForums - an infamous site for selling leaked data on online portals, published the information about the breach.
The breached information is considered as sensitive as it contains confidential data directly impacting the company's users globally. According to security researchers, possessing such data, the threat actors can cause further damage by targeted phishing campaigns. The company faced a similar attack back in April 2020 that led to the leak of about 203,859 users.
Threat intelligence analyst with Resecurity Saraj Pant said that cybercriminals frequently attack such types of resources. In May 2018, a similar indie-focused ticket providing service faced a cyberattack. He also stated that "Sectors like retail, hospitality, and brand loyalty company's databases include enormous amounts of consumer data which is an attraction for financially-motivated criminals willing to host and sell the data on Darknet."