Search This Blog

Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Showing posts with label Anthropic Claude Opus 4.7. Show all posts

Anthropic AI Tool Helps Researcher Discover Security Flaw in Major Festival Ticketing System

 

An independent cybersecurity researcher has disclosed that he used an artificial intelligence tool developed by Anthropic to identify a significant security vulnerability in the ticketing platform operated by Front Gate Tickets.

lan Carroll told WIRED that Anthropic's Claude Opus 4.7 model assisted him in uncovering a flaw that could have affected ticket sales systems used by major US music festivals, including Lollapalooza, Bonnaroo, South by Southwest, and Austin City Limits.

According to Carroll, the vulnerability may have enabled an attacker to gain access to millions of customer and staff records and potentially issue event tickets without authorization. He said the Al model helped identify a way to bypass security measures that were designed to block a known category of web-based attacks.

Carroll stated that he was able to access administrative accounts and view options for issuing high-value tickets, including VIP passes. However, he emphasized that he did not generate any tickets or misuse the access, opting instead to report the issue to Front Gate Tickets.

Front Gate Tickets confirmed that the vulnerability was patched within 24 hours of receiving the report. The company said it found no evidence that customer data had been exposed or that the flaw had been exploited by malicious actors.

In its statement, the company explained that the issue affected an internal system used by festival entry scanners rather than a public-facing customer ticketing platform. Front Gate also noted that certain premium tickets require physical RFID wristbands and could not have been created through the online system.

The disclosure has intensified discussions about the expanding role of artificial intelligence in cybersecurity. Carroll said he was surprised by the Al system's ability to identify attack techniques that he had not considered on his own.

Anthropic said its Cyber Verification Program is intended to allow approved security researchers to use advanced Al tools responsibly to strengthen online security. The company added that unauthorized attempts to use its systems for hacking are monitored and blocked.

Cybersecurity specialists have increasingly warned that rapid advances in artificial intelligence could make the discovery of software vulnerabilities easier, prompting broader questions about how organizations secure critical digital infrastructure.