Ticket sales and distribution company, Ticketmaster has revealed it has suffered a major data breach in which tens of thousands of people had their card details stolen.
The breach has compromised payment card and personal information of customers who made purchases on its UK website. According to the company, the breach was carried out through malicious software on a customer support product by third-party supplier Inbenta Technologies. The product has now been disabled across all of Ticketmaster websites.
The breach is said to have occurred between February and June 2018 for UK customers and between September 2017 and June 2018 for international customers who purchased or attempted payments on Ticketmaster website.
In a company statement, Ticketmaster said “Forensic teams and security experts are working around the clock to understand how the data was compromised. We are working with relevant authorities, as well as credit card companies and banks.”
UK-based mobile-only bank Monzo claimed that it alerted Ticketmaster regarding an increased fraud on its customer accounts in April.
Monzo bank in its company blog said “On Friday 6th April, around 50 customers got in touch with us to report fraudulent transactions on their accounts and we immediately replaced their cards. This happens every day, as banks are constantly targeted by financial criminals, so this wasn’t immediately unusual. But as always, we did some analysis to try to identify any trends that might help our customers.”
“After investigating, our Financial Crime and Security team noticed a pattern: 70% of the customers affected had used their cards with the same online merchant between December of last year and April this year. That merchant was Ticketmaster. This seemed unusual, as overall only 0.8% of all our customers had used Ticketmaster.”