U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

TicketClub Italy Database Offered in Dark Web

A database belonging to TicketClub Italy, a company providing coupons platform for offline purchases, is available for sale on darkweb hacking forums. TicketClub is an Italian company providing a mobile-based coupons platform for offline purchases. Their clients include Burger King, McDonald’s, Cinecittà World, Rainbow Magicland, and many other enterprises having coupon and loyalty programs.  The […]

TicketClub

A database belonging to TicketClub Italy, a company providing coupons platform for offline purchases, is available for sale on darkweb hacking forums.

TicketClub is an Italian company providing a mobile-based coupons platform for offline purchases. Their clients include Burger King, McDonald’s, Cinecittà World, Rainbow Magicland, and many other enterprises having coupon and loyalty programs. 

The platform lists coupons in multiple categories including health, travel, food, services, events. The end-user can download the coupons of interest on the mobile app and show during the checkout at partner stores. 

July 19, 2021 – The actor having the alias “bl4ckt0r” has published TicketClub Italy database with over 340,957 users for sale and released several meaningful data dumps which may confirm the breach. The information has been originally published at RaidForums which are known for the illegal selling of any data loss from Internet portals and insecure online services. 

TicketClub

The data breach of such a resource having close ties to the victim’s lifestyle may disclose the vital information affecting user’s privacy globally. Having such data and knowing the interests and preferences of potential victims – will be extremely useful for further hypothetical and future phishing and targeted campaigns.

TicketClub

It is worth mentioning the company had also experienced a similar incident back in April 2020 which resulted in 203,859 customer emails being leaked

For today, many of the company’s customers reported their website is not available.

According to Saraj Pant, cyber threat intelligence analyst with Resecurity, Los-Angeles -based cybersecurity company, it is not the first time such resources have been attacked by cybercriminals. 

May 2018 – Ticketfly, the indie-focused ticketing service that was purchased by Eventbrite, had also suffered a cyber attack. Ticketfly was defaced by an attacker and was subsequently taken offline. The attacker allegedly requested a ransom to share details of the vulnerability with Ticketfly but did not receive a reply and subsequently posted the breached data online to a publicly accessible location.

Same year – Ticketmaster’s U.K. division was slapped with a $1.65 million fine by the Information Commissioner’s Office (ICO) in the UK, over its data breach that impacted millions of customers.

“Retail, hospitality and brand loyalty programs databases contain vast amounts of consumers’ data which is always in scope of interests of financially-motivated cybercriminals willing to monetize it or sell it on the Dark Web.” – he added.

The editorial was not able to receive any further comment from TicketClub.

About the author: Gene Yoo, Chief Executive Officer (Resecurity, Inc.)

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, TicketClub)

[adrotate banner=”5″]

[adrotate banner=”13″]