Someone Is Selling Coachella User Accounts on the Dark Web
Coachella faced a major breach in security after a hacker compromised the festival's database, offering to sell the personal information of nearly 1,000,000 Coachella fans on the dark web.This article originally appeared on Motherboard
A data trader claims to be selling over 950,000 user accounts for the website of popular music festival Coachella. The data includes email addresses, usernames and hashed passwords.
"Coachella complete database dump from this month," the vendor, who uses the handle Berkut, writes in their listing on the Tochka dark web marketplace. (Motherboard could not independently verify that the data was sourced this month).
The stolen data does not contain payment details, according to a sample of over 10,000 accounts that Berkut provided to Motherboard.
Motherboard verified the data by attempting to create new accounts on Coachella.com with 30 of the provided email addresses—every randomly selected addresses was already linked to a current account on the site. Usernames in the dump also corresponded to real accounts, and two victims in the data confirmed they had signed up to the website.
"Yes I've used Coachella's website in the past when I went to the festival, probably 2010, or 2012," one victim told Motherboard in an email.
"I haven't been on the board for a few months but thanks for the info I'll change my password," another wrote.