On June 23, IT experts at Ticketmaster reported that their UK website had been compromised. As a result, UK-based customers who tried to purchase or have bought tickets from Ticketmaster UK between February and June 2018 might be at risk. Additionally, international customers who have used company’s services between September 2017 and June 2018 may also be affected.

According to the experts, the stolen data contain a significant amount of sensitive information, including details which might personally identify its customers. The details below are just some of the information that was gaining by the hackers:

  • Names;
  • Billing addresses;
  • Credit card details;
  • Email addresses;
  • Telephone numbers;
  • Login information.

Ticketmaster reported that their internal forensic team is investigating the issue and trying to discover how the website was compromised. Additionally, they are encouraging their customers to monitor their bank account activity and notify relevant authorities about any suspicious activity:

We recommend that you monitor your account statements for evidence of fraud or identity theft. If you are concerned or notice any suspicious activity on your account, you should contact your bank(s) and any credit card companies.

The malicious code was discovered running on the company’s website

Ticketmaster was using the services of Inbenta, which provides chat bot and support ticketing services for various sales companies. Experts identified that the site was breached via the JavaScript code that was embedded directly to the payment page.

The code was customized for Ticketmaster’s company individually, although Inbenta has confirmed that none of their other customers and websites have been affected. They pointed out that using  third-party code directly in the online payment platform was a huge risk and they would have never agreed to such actions if they were aware of Ticketmaster’s actions.

Ticketmaster directly applied the script to its payments page, without notifying our team. Had we known that the customized script was being used this way, we would have advised against it, as it incurs greater risk for vulnerability. 

Digital bank claims to have warned Ticketmaster about the breach months ago

Interestingly, digital bank Monzo claims that they had informed Ticketmaster about the potential risk of data leak months before the official statement. The representatives say that they have replaced 6 thousand Monzo cards which were used to purchase tickets since customers reported about unauthorized transactions:

Over the course of Thursday 19th April and Friday 20th April, we sent out six thousand replacement cards to customers who had used their Monzo cards at Ticketmaster. We let them know that we were replacing their cards through their Monzo app, but didn’t name Ticketmaster as the reason at the time.

The firm confirms that they have arranged a meeting with Ticketmaster’s cybersecurity team and were told that the issue would be investigated internally.

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!

Share This