The FBI has indicted Moulak O. Ishak for a May 2018 hack that took down Ticketfly’s servers and temporarily disabled the infrastructure powering much or the independent live music industry.
Ishak, who is believed to go by the hacker pseudonym IShAkDz has not been arrested, according to the Feb. 18 indictment, although a warrant has been issued for his arrest. He is being charged with one felony count of extortion in relation to damage to a protected computer and one count of forfeiture. If convicted he faces a maximum prison term of three years, a $250,000 fine and three years of supervised release.
“We’re pleased to see that the alleged perpetrator of the malicious attack on Ticketfly that occurred in 2018 has been identified and indicted,” Ticketfly’s owner, Eventbrite, said in a statement. “We appreciate the efforts of the FBI and the United States Attorney’s Office in their continued pursuit of justice and for seeking closure for all involved.”
The case is being handled by the FBI’s San Francisco field office and assistant U.S. Attorney Kimberly Hopkins with the U.S. Attorney’s Office in Northern California. According to the indictment, from May 27 to May 31, 2018, Ishak attempted to “extort from Ticketfly, money and other things of value” by attacking Ticketfly’s servers.
The hack came less than a year after Ticketfly was purchased by Eventbrite and compromised roughly 27 million accounts. With the help of third-party security experts, the company determined that information including names, addresses, email addresses and phone numbers were stolen, but that credit/debit card info and passwords were not obtained. Ticketfly’s website was partially down for about a week following the hack, which was described as a “malicious cyber attack.”
Ishak allegedly demanded Bitcoin payment from Ticketfly and defaced the company’s homepage with a picture of Guy Fawkes and a message reading “Ticketfly HacKeD By IsHaKdZ” and “Your Security Down im not sorry. Next time I will publish database backstage.” In an interview with Mashable, Ishak said he had previously warned the company about security vulnerabilities.
Very little is known about Ishak other than that he has not been previously arrested on federal charges. Billboard reached out to the U.S. attorney’s office for comment, but did not receive a response at time of publishing.