Ticketfly 2018 Data Breach

Ticketfly Event Ticketing Platform Breach (2018): 26 Million Customer Records Including Home Address & Phone Exposed :: Website Taken Offline | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

MisconfigurationTicketingEmail AddressFull NamePhone NumberPhysical Address
Low SeverityWebsite / service breach

Ticketfly Event Ticketing Platform Breach (2018): 26 Million Customer Records Including Home Address & Phone Exposed :: Website Taken Offline

Event ticketing platform (now defunct, acquired by Eventbrite)

Verified by ObscureIQ Intelligence
19/100Breach Risk Index
10Data Value
10Market Recency
2885dSince Breach

Breach Intelligence Summary

Entity: Ticketfly · Actor: Unknown · Sources: 5 references
Attack: Misconfiguration
Profile: Ticketing Platform · Event ticketing and venue commerce services · Event ticketing platform · USA
Timeline: Breach (2018-05-31) · Indexed (Jun 03, 2018) · Year (2018)
Exposure: 26.2M records · 4 fields: Email Address, Full Name, Phone Number, Physical Address
Status: Confirmed

Executive Summary

Ticketfly, an event ticketing distribution service, had its website defaced by an attacker in May 2018 after the company did not respond to a ransom demand. The attacker had discovered a vulnerability and sought payment in exchange for disclosing it. When Ticketfly did not reply, the attacker posted the stolen data to a publicly accessible location and took the site offline. The breach exposed records tied to over 26.2 million accounts. The leaked data included email addresses, full names, phone numbers, and physical home addresses. No passwords appeared in the publicly posted files, but Ticketfly later acknowledged that hashed password values may also have been accessed during the intrusion. For affected individuals, the combination of contact details and home addresses creates real exposure: the data is enough to enable phishing attempts, account takeover efforts, and targeted scams built around event attendance and purchasing history. No widely reported regulatory enforcement action followed the breach, though Ticketfly issued a public incident update disclosing the potential password exposure. Affected individuals face ongoing risk from phishing and impersonation, particularly messages mimicking ticketing platforms or live event brands. Those who reused passwords across services should treat any accounts sharing Ticketfly credentials as compromised.

ObscureIQ assessment: Exposure enables phishing, ticket fraud, account takeover, and event-themed impersonation. Purchase history can also reveal schedules, venues, and social behavior.

Breach Impact

Ticketfly, an event ticketing distribution service, had its website defaced by an attacker in May 2018 after the company did not respond to a ransom demand. The attacker had discovered a vulnerability and sought payment in exchange for disclosing it. When Ticketfly did not reply, the attacker posted the stolen data to a publicly accessible location and took the site offline. The breach exposed records tied to over 26.2 million accounts. The leaked data included email addresses, full names, phone numbers, and physical home addresses. No passwords appeared in the publicly posted files, but Ticketfly later acknowledged that hashed password values may also have been accessed during the intrusion. For affected individuals, the combination of contact details and home addresses creates real exposure: the data is enough to enable phishing attempts, account takeover efforts, and targeted scams built around event attendance and purchasing history. No widely reported regulatory enforcement action followed the breach, though Ticketfly issued a public incident update disclosing the potential password exposure. Affected individuals face ongoing risk from phishing and impersonation, particularly messages mimicking ticketing platforms or live event brands. Those who reused passwords across services should treat any accounts sharing Ticketfly credentials as compromised.

About Ticketfly

Event ticketing platform (now defunct, acquired by Eventbrite)

Why They Hold Your Data

Event-ticketing platforms collect buyer identity, contact details, payment-adjacent records, order history, venue interactions, and attendance-linked data across ticket-commerce workflows.

Recent Developments

Defunct

Data Points Exposed

4 verified field types
Email Address
Full Name High
Phone Number
Physical Address High

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:High
Primary downstream threats:
  • SIM swap attacks where phone numbers are present
  • Targeted phishing campaigns using exposed email addresses
  • Doxxing risk from physical address exposure
Threat vectors:
  • Phishing, credential stuffing & account takeover
  • Name-based social engineering
  • SIM swapping, vishing & SMS phishing
  • Physical stalking, mail fraud & identity verification

Recommended Actions

If you believe your information may be included:

Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Find 2FA settings
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
IdentityTheft.govReport to FTC

Frequently Asked Questions

What happened in the Ticketfly breach?

Ticketfly, an event ticketing distribution service, had its website defaced by an attacker in May 2018 after the company did not respond to a ransom demand. The attacker had discovered a vulnerability and sought payment in exchange for disclosing it. When Ticketfly did not reply, the attacker…

What data was exposed?

Verified fields include Email Address, Full Name, Phone Number, Physical Address.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
Have I Been Pwned
Record & field corroboration
Breach Index
DataBreach.com
Record & field corroboration
Cross-source
9ghz
Independent catalogue listing
Cross-source
Keeper
Independent catalogue listing
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation