A hacker group’s massive data dump has revealed that Madison Square Garden secretly built a database tagging celebrities by sexuality, race, and “risk” level — and the records stretch back years.
Story Snapshot
- A 45-gigabyte data leak exposed an internal Madison Square Garden database that tagged celebrities with labels including “LGBTIA” and assigned varying “risk” scores.
- Database entries date back to December 2020, with updates as recent as June 2024, showing the tracking was not a one-time event.
- A former security staffer says a transgender woman was tracked and targeted over two years solely because of her gender identity.
- A class-action lawsuit filed in June 2026 claims the data leak resulted from MSG owner James Dolan’s aggressive surveillance practices.
What the Leaked Data Actually Shows
A hacker group called ShinyHunters released roughly 45 gigabytes of internal Madison Square Garden (MSG) data in June 2026. WIRED reviewed those files and found a database with over 10 million entries. The records tagged hundreds of celebrities, Knicks superfans, and other guests. Tags included “LGBTIA” labels and numerical “risk” scores. The database also flagged people with “SM concerns,” meaning staff ran social media sweeps to find individuals seeking free tickets.
The records go back to December 2020 and were updated as recently as June 2024. That means MSG quietly built and maintained this system for years. The database ran on Salesforce software and tracked what guests ordered at their seats, when they sat down, and other detailed movements inside the arena. This is not a basic security camera setup — it is a detailed behavioral file on paying customers and public figures alike.
A Woman Tracked for Two Years
A 2025 lawsuit brought by a former MSG security employee revealed one of the most troubling specific cases. A transgender woman named Nina Richards was tracked inside the arena over and over again for roughly two years. Security staff logged when she sat down, when she ordered drinks, and where she moved. A former MSG security staffer told WIRED that Richards was targeted specifically because of her gender identity. MSG attorneys deny that claim. They say the allegation was fabricated to justify her removal from the venue.
MSG’s official position is that its surveillance system exists to identify security threats — violent patrons or people who break the rules. The company calls WIRED’s reporting “false, misleading, and unverified.” That denial, however, does not explain why the database contains “LGBTIA” tags or why an individual would be tracked over two years. MSG has not released its own forensic review of the leaked files to challenge the specific tags WIRED identified.
A Bigger Privacy Problem for Every Fan
This story is not just about celebrities or one woman’s experience. A class-action lawsuit filed in June 2026 argues that every fan whose data ended up in that system was harmed. The suit claims Dolan’s surveillance practices caused the breach in the first place. The Surveillance Technology Oversight Project, a New York-based privacy group, says MSG retained customer information far beyond what any normal security operation would require. Fans who bought tickets never agreed to be profiled and stored in a massive database.
Madison Square Garden reportedly maintained internal “risk scores” on roughly 400 celebrities, executives and public figures within a larger VIP database of nearly 40,000 entries, according to @wired.
MSG disputes the report.
MORE: https://t.co/rkWy4JLoRS pic.twitter.com/zZXzdULQSO
— Sports Business Journal (@SBJ) July 10, 2026
MSG is not alone in using facial recognition and watch lists at live events. Venues across the country have expanded surveillance technology in recent years. But this case stands out because of the specific personal labels attached to individuals — sexuality, race, and risk scores — and because the data covered years of detailed behavioral tracking. Whether that crosses a legal line will likely be decided in court. What is already clear from the leaked files is that buying a ticket to a Knicks game meant far more data collection than most fans ever knew.
Sources:
feedpress.me, youtube.com, wired.com, frontofficesports.com



