Coachella has cemented itself as one of the top (if not the top) music festivals in North America, growing from one weekend to two (with a considered fall expansion) and constantly having the most lit guest appearances around. However, all that exposure is a double-edged sword. Their website was recently hacked, with the culprits gaining access to a bunch of user data.

Coachella sent an email out to all account holders, presumably dating back to the inaugural Coachella festival. The release assured everyone that financial data and user password were not among the leaked data. That’s a small bit of good news after acknowledging hackers had accessed usernames, first and last names, addresses, emails, phone numbers and dates of birth. Check out statements below, which warn of phishing attacks coming from fake Coachella representatives.

Please be aware that you may be targeted by phishing emails sent from people impersonating Coachella personnel. Please remember that Coachella will never solicit personal information or account information from you via email. Please exercise caution if you receive any emails or phone calls that ask for such information, or direct you to web sites where you are asked for personal or financial information. Festival ticketing purchase accounts were not affected by this incident, however festival attendees may want to consider changing any passwords that they have shared with others.

The data is already being sold on the dark web, according to a recent report from Motherboard.

[via Pitchfork]