One AI Model, One Bug, Access to Every Major US Music Festival
In April 2026, a security researcher sat down with an AI chatbot and, within a relatively short amount of time, found himself in a position to issue free tickets — any ticket, any value, any event — to nearly every major music festival in the United States. He didn’t use the access. But the fact that it was there at all is the story.
The researcher is Ian Carroll, and the platform he broke into is Front Gate Tickets, a Live Nation subsidiary that handles ticketing for a long list of major US festivals including Lollapalooza, South by Southwest, Austin City Limits, and Bonnaroo. The vulnerability he found — and the role that AI played in finding it — was first reported by Wired and has since drawn significant attention across the security and music industry press.

How It Actually Worked
Carroll discovered an SQL injection vulnerability in the device API of Front Gate Tickets — a parameter called deviceUID was being concatenated directly into database queries without sanitization, a textbook flaw that has been a known risk in web development for more than two decades. The twist is what happened next. A web application firewall was blocking his standard injection attempts, so Carroll asked Claude Opus 4.7 to help analyze the vulnerability. The AI model produced a workaround using nested SQL queries that slipped past the firewall’s defenses undetected.
The result was access that went far beyond reading a few records. Carroll was able to access hundreds of databases containing customer and staff data — including names, emails, and mailing addresses — and ultimately take over a super-administrator account by exploiting how the site handled password resets. With that access, he could issue tickets of any value to anyone for any event. What makes the AI dimension particularly notable is Carroll’s own admission about it. He told Wired it was the first time in his career that he had found a vulnerability he didn’t fully understand himself — he had to go back and read what Claude had written in order to follow the logic of the bypass, because he hadn’t written it. His conclusion was blunt: he believed there was a strong chance the AI could have found the exploit end-to-end without any human guidance at all.
Responsible Disclosure — and Lingering Questions
Carroll did not exploit his access. He found a Bonnaroo Platinum ticket priced at $4,000, confirmed he could duplicate it freely, and stopped there — flagging the issue to Front Gate instead. The vulnerability was patched within 24 hours. Front Gate told Wired it resolved the issue within 24 hours of receiving Carroll’s report, stated it had not seen evidence the vulnerability was exploited, and described the incident as an example of responsible security research that ultimately made its systems more secure.
Carroll is less reassured. He disputes the claim that no fraudulent tickets would have made it through undetected, and argues there is no conclusive proof the flaw had never been abused before he found it — noting he obtained administrator-level access via what appeared to be a public-facing login path, with no two-factor authentication in place.
“We are releasing Opus 4.7 with safeguards that automatically detect and block requests that indicate prohibited or high-risk cybersecurity uses. What we learn from the real-world deployment of these safeguards will help us work towards our eventual goal of a broad release of Mythos-class models.
Security professionals who wish to use Opus 4.7 for legitimate cybersecurity purposes (such as vulnerability research, penetration testing, and red-teaming) are invited to join our new Cyber Verification Program.”
Anthropic’s Role: A Controlled Experiment
Carroll is part of Anthropic’s Cyber Verification Program, which gives vetted security researchers access to Claude for legitimate offensive security research. Anthropic confirmed that without that program membership, Carroll’s use of Claude for this purpose would have been detected and blocked.
That clarification matters for how the story is framed. This was not a case of AI being weaponized by a bad actor — it was a controlled research exercise that happened to expose a serious flaw in infrastructure used across the live music industry. The distinction is real, but it doesn’t fully resolve the question Carroll is actually raising: what happens when the same capability is in less careful hands? Internal testing at Anthropic had already indicated that prior Claude models could identify significant zero-day vulnerabilities. Opus 4.7 was designed as a more controlled successor to earlier internal models that had fewer restrictions. The Front Gate incident is, in effect, a live demonstration of what that capability looks like when it meets a real-world target.
The Monopoly Problem Underneath the Hack
There is a second layer to this story that is easy to miss in the cybersecurity framing. Carroll first became aware of Front Gate only when he was considering attending Electric Daisy Carnival in Las Vegas. When he saw that the festival’s ticketing was run by Front Gate, he was curious what other festivals used the same company — and realized that nearly every major US music festival, aside from Coachella, ran through the same platform. His description of the situation was direct: a single centralized company issuing tickets for every major festival, operating as a subsidiary of Live Nation, with infrastructure he described — after gaining administrator access — as held together by improvised fixes rather than robust engineering.
The security vulnerability has been patched. The structural concentration it exposed has not. A single point of failure in the ticketing infrastructure of the entire US festival circuit is not a problem that gets resolved in 24 hours — and the AI tools capable of finding the next one are only getting more capable. Should festival ticketing infrastructure be subject to mandatory independent security audits? And how much should AI’s role in finding these vulnerabilities change the conversation?

Rudy (32) currently based in Bergamo, here since 2019.
https://www.linkedin.com/in/rudy-cassago-522452179/