Ticketfly Data Breach

Threat Level: Medium
Threat Type: External Account Breach
Advisory Date: 07/13/2023

Description

In May 2018, the website for the ticket distribution service Ticketfly was defaced by an attacker and was subsequently taken offline. The attacker allegedly requested a ransom to share details of the vulnerability with Ticketfly but did not receive a reply and subsequently posted the breached data online to a publicly accessible location.

The data included over 26 million unique email addresses along with names, physical addresses and phone numbers.

Impact

A small number of University of Regina user accounts were included in this data breach, affected users have been notified directly.

Data breaches may include usernames and passwords and can often lead to third parties accessing internal systems if users have reused internal passwords across multiple websites.

Resolution

We are asking affected users to reset their passwords to maintain the integrity of their accounts and lock out anyone who may have your access to these credentials.

If you have used this password on any other service, either internal or external, please update those associated accounts as well.

Resources

Use the self-service password reset form: https://novapp.cc.uregina.ca/perl/chpass.pl

Password guidelines: https://www.uregina.ca/is/staff/security/resources/resource-password.html#password-guidelines

Read more about the incident: Globalnews.ca news article

Need assistance? Contact the IT Support Centre:

In person at ED 137 or Archer Library Main Floor Commons