Cybercriminal selling nearly 1 million Coachella accounts on the dark web
The data on sale inlcudes usernames, hashed passwords and email addresses iStock

Nearly one million Coachella accounts are reportedly currently up for sale on the dark web. An underground data trader is allegedly selling over 950,000 Coachella user accounts data, which includes usernames, hashed passwords and email addresses, for $300.

"Coachella complete database dump from this month," the cybercriminal, who uses the handle Berkut, wrote in their listing, on the popular dark web marketplace Tochka, Motherboard reported. The data on sale does not allegedly include payment data, according to a sample of 10,000 accounts provided by Berkut and analysed by Motherboard.

According to the cybercriminal's Tochka listing, around 360,000 accounts relate to the main Coachella website, while 590,000 are linked to the message board. The data from the message board allegedly contains more user information, such as IP addresses.

"The Coachella breach goes to show you that it isn't only Fortune 500 companies and government agencies being targeted by cybercriminals – it's any website that collects email credentials," Tony Gauda, CEO of ThinAir, told SC Magazine. "Consumers who reuse email credentials are especially at risk during these attacks."

Gauda claimed that cyberattacks on large organisations can be "more lucrative" for hackers, while noting that advanced cyber defences likely incorporated by organisations have pushed hackers into targeting comparatively softer targets like music festivals.

"Anyone who registered for the music festival is now a target for highly customised phishing campaigns, opening the door for subsequent attacks and additional breaches," said Gauda. "Until organisations take steps to secure their customers information with the same level of security they apply to their physical assets, breaches such as this one will persist."

IBTimes UK has reached out to Coachella for further clarity on the matter and will update this article in the event a response is provided.