Ticketmaster admits customer data may have been stolen in malware attack

Ticket sales site 'working with Information Commissioner and banks' over apparent hack

Jon Sharman
Wednesday 27 June 2018 22:53 BST
The hack is thought to have affected less than 5 per cent of Ticketmaster's customers globally
The hack is thought to have affected less than 5 per cent of Ticketmaster's customers globally

Ticketmaster has admitted that it suffered a malware attack which means users who bought or tried to buy tickets through its website could have had their credit or debit card data stolen.

Tens of thousands of UK users are thought to have been affected.

Malicious software was found inside third-party software created by Inbenta Technologies but running on Ticketmaster's site, the latter firm admitted, adding that customers’ “personal or payment information may have been accessed” by unknown figures over a period of months.

The software in question was live on Ticketmaster International, Ticketmaster UK, GETMEIN! and TicketWeb, the company said in a warning to customers.

It said: “Forensic teams and security experts are working around the clock to understand how the data was compromised. We are working with the Information Commissioner’s Office, as well as credit card companies, banks and relevant authorities.

“If you have not received an email, we do not believe you have been affected by this security incident based on our investigations.”

UK customers may have been affected between February and June 23, Ticketmaster said in a statement.

International users who have used the site since last September could also have had their data taken.

North American customers were not involved but the apparent hack affected a significant number of people worldwide – “less than five per cent of Ticketmaster’s global customer base”, according to the company.

Fewer than 40,000 customers in the UK have been directly affected by the data security incident, a source familiar with the matter told the Reuters news agency.

Users should reset their passwords, Ticketmaster said.

It added: “We recommend that you monitor your account statements for evidence of fraud or identity theft. If you are concerned or notice any suspicious activity on your account, you should contact your bank and any credit card companies.”

Alex Neill, Which? managing director of home products and services, said: “Many thousands of customers will be seriously concerned about this latest data breach.

"Those who believe they may be affected should keep a very sharp eye on any accounts linked to their Ticketmaster logins, and be wary of suspicious emails or messages from fraudsters.

"Ticketmaster users whose data might have been compromised should change their password, and if they use that password on any other website, change it there too.”

The Independent has contacted Inbenta Technologies for comment.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in