Someone Is Selling Coachella User Accounts on the Dark Web
If you're a fan of flower headdresses, watch out.
A data trader claims to be selling over 950,000 user accounts for the website of popular music festival Coachella. The data includes email addresses, usernames and hashed passwords.
"Coachella complete database dump from this month," the vendor, who uses the handle Berkut, writes in their listing on the Tochka dark web marketplace. (Motherboard could not independently verify that the data was sourced this month).
The stolen data does not contain payment details, according to a sample of over 10,000 accounts that Berkut provided to Motherboard.
Motherboard verified the data by attempting to create new accounts on Coachella.com with 30 of the provided email addresses—every randomly selected addresses was already linked to a current account on the site. Usernames in the dump also corresponded to real accounts, and two victims in the data confirmed they had signed up to the website.
"Yes I've used Coachella's website in the past when I went to the festival, probably 2010, or 2012," one victim told Motherboard in an email.
"I haven't been on the board for a few months but thanks for the info I'll change my password," another wrote.
According to Berkrut's listing, around 360,000 of the accounts relate to the main Coachella website, and another 590,000 concern the message board. The latter set allegedly includes more information such as the user's IP address. Berkrut is selling the data for $300.
Coachella did not immediately respond to Motherboard's request for comment. We will update this post if we receive a response.
The lesson: Even when doing something as trivial as signing up to a music festival website, we are constantly giving out personal data concerning ourselves. Once you've downloaded a password manager, the software can quickly and easily generate unique logins for any site you might use, meaning that when a random site you used months or years ago suffers a data breach, hackers won't be able to do all that much with the stolen info.
Another day, another hack.