StubHub, an online ticket exchange platform, suffered a significant cybersecurity breach by employees Tyrone Rose and Shamara P. Simmons, who exploited a backdoor in the system to resell nearly 1,000 event tickets, resulting in an estimated $635,000 in fraudulent profits. The compromised tickets spanned various high-profile events, including Taylor Swift’s Eras Tour, Ed Sheeran concerts, NBA games, and the US Open Tennis Championships. This incident not only led to financial loss but also damaged the company's reputation among its customers and partners.
Source: https://www.wired.com/story/stubhub-backdoor-stolen-taylor-swift-tickets/
TPRM report: https://scoringcyber.rankiteo.com/company/stubhub
"id": "stu000031125",
"linkid": "stubhub",
"type": "Breach",
"date": "3/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Online Ticket Exchange',
'name': 'StubHub',
'type': 'Company'}],
'attack_vector': 'Backdoor',
'description': 'StubHub, an online ticket exchange platform, suffered a '
'significant cybersecurity breach by employees Tyrone Rose and '
'Shamara P. Simmons, who exploited a backdoor in the system to '
'resell nearly 1,000 event tickets, resulting in an estimated '
'$635,000 in fraudulent profits. The compromised tickets '
'spanned various high-profile events, including Taylor Swift’s '
'Eras Tour, Ed Sheeran concerts, NBA games, and the US Open '
'Tennis Championships. This incident not only led to financial '
"loss but also damaged the company's reputation among its "
'customers and partners.',
'impact': {'brand_reputation_impact': 'Significant',
'financial_loss': '$635,000'},
'initial_access_broker': {'backdoors_established': 'Yes'},
'motivation': 'Financial Gain',
'post_incident_analysis': {'root_causes': 'Exploitation of backdoor in the '
'system'},
'threat_actor': ['Tyrone Rose', 'Shamara P. Simmons'],
'title': 'StubHub Ticket Fraud Breach',
'type': 'Fraud',
'vulnerability_exploited': 'Backdoor in the system'}