Cyber Incident Victim: Live Nation Entertainment
Date:
Nov 2022
Location:
United States of America
Summary
A cyberattack targeting Ticketmaster's systems during Taylor Swift tour ticket sales involved bot traffic three times higher than previously encountered, overwhelming Verified Fan access code servers and forcing slowdowns and pauses in sales. While no tickets were illegally obtained, the disruption sparked significant consumer frustration and intensified antitrust scrutiny from lawmakers and competitors, who cited the incident as evidence of monopolistic complacency. The company reported the attack to the FTC and FBI, though perpetrators remained unidentified. Concurrent technical issues at rival SeatGeek during Swift sales were attributed by that firm to broader industry dominance challenges. The incident amplified preexisting Justice Department antitrust inquiries into Live Nation Entertainment's market practices and prompted calls for legislative updates to the BOTS Act and pricing transparency mandates.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In November 2022, Ticketmaster experienced significant disruptions during ticket sales for Taylor Swift’s U.S. tour, which its parent company Live Nation Entertainment later attributed partially to a cyberattack. According to Live Nation President Joe Berchtold’s prepared Senate Judiciary Committee testimony, the incident involved an unprecedented surge of bot traffic—three times higher than any previous event—targeting Ticketmaster’s Verified Fan access code servers. While the automated bots failed to penetrate systems or illegally acquire tickets, the attack forced Ticketmaster to slow down and pause sales operations for several hours to mitigate the impact. The technical issues coincided with overwhelming consumer demand, creating widespread website outages, delayed sales, and frustration among fans attempting to purchase tickets. Berchtold acknowledged operational shortcomings, including the failure to stagger sales over a longer timeframe or adequately set fan expectations about ticket availability. The company reported the cyberattack attempt to the Federal Trade Commission and FBI, though sources indicated investigators had not identified the perpetrators ahead of the January 2023 Senate hearing.
The incident intensified existing antitrust scrutiny against Live Nation and Ticketmaster, prompting the Senate Judiciary Committee to convene a hearing on competition issues in the ticketing industry. Competitor SeatGeek—which handled ticket sales for five Swift concerts and also faced technical difficulties—criticized Ticketmaster’s outage as symptomatic of monopolistic complacency, citing insufficient innovation due to lack of market pressure. Lawmakers and critics framed the disruptions as evidence of anti-competitive practices stemming from Live Nation’s 2010 merger with Ticketmaster, referencing ongoing Justice Department antitrust inquiries predating the Swift incident. Berchtold countered that Ticketmaster had lost market share in an increasingly competitive industry, while advocating for strengthened enforcement of the 2016 BOTS Act to allow civil lawsuits against bot operators and federal legislation mandating upfront ticket pricing transparency. The cyberattack disclosure did not alleviate antitrust concerns, with Senate staff confirming plans to examine the Live Nation-Ticketmaster merger’s legacy during hearings. Immediate consequences included public apologies to Swift and fans, renewed regulatory investigations, and industry-wide debates about bot-driven scalping’s impact on consumer experiences.