Ticketcounter

The TicketCounter leak in 2021 compromised approximately 3,006,799 records, exposing sensitive information about users who had bought concert tickets from the Israeli ticketing platform.


The leak was caused by a vulnerability in TicketCounters authentication system, which allowed an attacker to gain unauthorized access to the platforms database. The vulnerability was exploited by a third-party developer who had been granted access to TicketCounters systems to perform maintenance tasks.


As a result of the vulnerability, the attacker was able to extract a massive amount of data from the TicketCounter database, including personal information such as names, email addresses, phone numbers, and payment details. The leaked data also included information about the concert tickets purchased by users, including the event name, date, and time.


The leak was discovered by vpnMentor, a cybersecurity company, which notified TicketCounter of the breach and worked with the company to develop a plan to contain the damage and notify affected users. TicketCounter has since taken steps to address the vulnerability and improve its security protocols to prevent similar breaches in the future.