Ticketmaster (TM) has admitted that its data system has been compromised following an incident involving a “third-party supplier” and is advising customers to reset their passwords.
The company has called in forensic and security experts to identify how the data had been accessed and was working with the Information Commissioner’s Office (ICO), as well as credit card companies, banks and relevant authorities.
The breach is a result of “malicious software” on third-party customer support partner Inbenta Technologies, which the company says may have compromised around five per cent of its global customer data.
The ticketing giant identified the problem on 23 June and found that it was exporting UK customers’ data to an unknown third-party.
Information which may have been compromised includes customers’ names, addresses, email, telephone numbers, payment details and TM login details.
The data breach has not only affected TM’s primary platform, but also its Ticketweb division and customers using its resale site GetMeIn, as Inbenta’s product was running across all of three
UK-based TM customers who purchased, or attempted to purchase, tickets between 23 February and 23 June may be affected as well as international customers who purchased or attempted to purchase tickets between September last year and 23 June.
The company has contacted all potentially affected customers, advising them to reset their passwords and offering them a free 12-month identity monitoring service. Customers in North America are not affected.
In a statement, TM says, “As soon as we discovered the malicious software, we disabled the Inbenta product across all Ticketmaster websites.”
A few weeks ago, US company Ticketfly was hacked, with around 27 million customers data potentially compromised, including names, addresses, email and phone numbers (see Audience issue 221).
The San Francisco-based company was taken offline after what it described as a “cyber incident” on 31 May. A code was left on the site pointing to a hacker group that appeared to be demanding a ransom.
It took until 6 June for the website to be fully functioning again, forcing some of the company’s promoter and venue clients having to cancel or rearrange a number of shows.