TICKETING WEBSITE Ticketmaster has suffered a data breach in which some customers’ payment information may have been accessed.
In an alert on its website, Ticketmaster’s UK arm admitted that, on Saturday 23 June, it “identified malicious software on a customer support product hosted by Inbenta Technologies, an external third-party supplier to Ticketmaster.”
“As soon as we discovered the malicious software, we disabled the Inbenta product across all Ticketmaster websites,” it added.
As a result of Ibenta’s product running on Ticketmaster international websites – which includes Ticketmaster International, Ticketmaster UK, GETMEIN! and TicketWeb – customers’ personal data “may have been accessed by an unknown third party,” the ticket-flogger said.
This personal information includes name, address, email address, telephone number, Ticketmaster login details and, worryingly, payment details.
Affected customers include Brits who purchased, or attempted to purchase tickets between February and June 23 2018, as well as international customers who purchased, or attempted to purchase tickets between September 2017 and June 23, 2018.
Ticketmaster says that “less than five per cent” of its global customer base has been affected in total, and the BBC reports that the breach has affected up to 40,000 UK customers.
The firm says it has contacted those whose details were likely accessed and is offering them a free 12-month identity monitoring service. It’s also advising that all notified customers will need to reset their passwords when they next log into their accounts.
“Forensic teams and security experts are working around the clock to understand how the data was compromised,” Ticketmaster added.
“We are working with relevant authorities, as well as credit card companies and banks.”
News of this breach comes just weeks after Dixons Carphone admitted that breach exposed the personal information of up to six million people, in the first major post-GDPR security screw-up. µ
Source : Inquirer