Promoter Goldenvoice has confirmed that The Coachella festival site has been hacked and the user data of hundreds of thousands of attendees stolen.
“We recently discovered that unauthorized third parties illegally gained access to the usernames, first and last names, shipping addresses, email addresses, phone numbers and dates of birth individuals provided to Coachella,” a Goldenvoice email to Coachella attendees read. “We have confirmed that no user passwords were stolen.” The promoters also say that no financial information was stolen.
But an investigation by Vice's Motherboard blog found that a dark web trader is selling 360,000 Coachella user accounts and 590,000 Coachella message board accounts. A sampling of 10,000 accounts analyzed by Motherboard did include passwords and other data, including IP addresses. Motherboard also did a random sampling of 30 accounts to verify that they were in fact created by Coachella attendees.