What Happened
In December 2025, EazyTick, a French online ticketing and event management platform, suffered a data breach when a threat actor named “Demetrius” compromised its database and leaked it on a popular hacking forum on December 28, exposing sensitive information of over 20,000 users. The stolen data included full names, email addresses, hashed passwords, phone numbers, profile picture URLs, API tokens, account points, order references, transaction IDs, payment amounts, order statuses, and business details, raising risks of identity theft, financial fraud, and account takeovers. The incident was publicly announced via a forum post providing a download link, prompting cybersecurity alerts and potential class action investigations, though no official response from EazyTick was detailed in reports.
