The hacker posted several Ticketfly database files to a public server, and Hunt found that they contained 26,151,608 email addresses. Many users' names, phone numbers and home and billing addresses were also compromised. Ticketfly confirmed those personal details were included in the breach, but not the number of people affected. Nobody's credit card information or passwords were found in the files, but the hacker has threatened to post more data, presumably if their ransom demands are not met.
According to Motherboard, the hacker informed Ticketfly of a security vulnerability. The attacker demanded a ransom of one bitcoin to reveal the flaw and help fix it, but did not receive a response. The hacker then defaced the site, prompting the company to take it offline. Ticketfly is bringing its systems back online for clients (i.e. venues selling their own tickets), though its own website and app remain down for now.