Two people were arrested in New York City after allegedly using backend access to StubHub’s system to steal the URLs for 900 concert tickets, most of which were for Taylor Swift’s popular Eras Tour.
Queens District Attorney Melinda Katz announced the arrest and arraignment of two people — 20-year-old Tyrone Rose and 31-year-old Shamara Simmons — for a scheme that involved a StubHub contractor in Kingston, Jamaica.
Katz said in a statement that Rose and an unapprehended accomplice worked for the contractor, Sutherland Global Services (SGS), and between June 2022 and July 2023 used their access to StubHub’s system to “find a backdoor into a secure area of the network where already sold tickets were given a URL and queued to be emailed to the purchaser to download.”
Rose and his co-conspirator re-directed the URLs to the emails of Simmons and a now-deceased accomplice, both of whom lived in Queens, New York. In total, Rose and the accomplice sent 993 tickets purchased as part of about 350 StubHub orders.
The co-conspirators downloaded the tickets from the URLs and then posted them on StubHub, allowing them to sell the tickets for a profit of about $635,000.
Most of the tickets were for Swift’s Eras Tour but other tickets were for concerts from musicians like Adele and Ed Sheeran as well as NBA games and US Open tennis events.
“According to the charges, these defendants tried to use the popularity of Taylor Swift’s concert tour and other high-profile events to profit at the expense of others,” Katz said.
“They allegedly exploited a loophole through an offshore ticket vendor to steal tickets to the biggest concert tour of the last decade and then resold those seats for an extraordinary profit of more than $600,000.”
Katz noted that the case was referred to her office by StubHub, which did not respond to requests for comment. The ticket company told local news outlets that when it discovered the scheme, it reported it to the third party vendor SGS, Jamaican law enforcement and to Katz’ office. The employees were promptly fired from SGS, according to StubHub.
Rose and Simmons are facing grand larceny, computer tampering and conspiracy charges. The two will appear in court on Friday and both face a maximum sentence of three to 15 years in prison if convicted.
Katz’ office noted that they are still investigating the case to determine if there are other people involved.
Ticket sales, particularly for Swift’s Eras Tour, continue to be a prime target for cybercriminals targeting ticketing platforms like StubHub and Ticketmaster. Last year Ticketmaster had to dispute claims made on the dark web that hackers had access to working ticket barcodes for several upcoming Taylor Swift concerts and other events.
When tickets for the tour initially went on sale in 2022, the Ticketmaster website was crippled by bots flooding the platform with requests in an effort to jump the line ahead of real life fans.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Jonathan Greig
is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.
