Eventbrite-owned Ticketfly took its websites offline after a saying it was “the target of a cyber incident.”
The company didn't specify whether or not user information has been compromised but did acknowledge the incident in a tweet.
“Following recent site issues, we determined that Ticketfly has been the target of a cyber incident,” the company tweeted. “To protect our clients and fans, and to secure the website and related data, we have temporarily taken all Ticketfly systems offline. We'll keep you updated.”
The site has been down since 6 a.m. ET and a hacker by the moniker "IShAkDz" is taking credit for the attack after leaving taunting messages across the sites websites that read: "Your security down, I'm not sorry. Next time I will publish database," according to CNet.
The attacker told the news site they had contacted TicketFly about the potential exploit multiple times, but didn't hear back and that they now want the TicketFly to pay 1 Bitcoin currently worth $7,544 to fix their website.
IShAkDz also threatened to publish a databases that appears to contain more than 4,000 spreadsheets full of personal information including email addresses, phone numbers, names and addresses.
While Ticketfly didn't specify the cause of the breach Alex Calic, Chief Strategy and Revenue Officer of The Media Trust told SC Media he suspects a third party vendor was exploited by the attacker to gain access to the site.
“Websites like Ticketfly's are supported by an extended network of at least 20 third parties, many of whom have their own third parties,” Calic said. “This mix of third parties can change each day and execute anywhere from 50-95 percent of code that operate outside the purview of Ticketfly's IT.
The affected firms can collaborate on catching the results of a hacker's exploit and on minimizing the damage through shared policies, contracts, and the enforcement thereof, as well as continuous, real-time scanning, he added.