TicketMaster - Data Security Breach

billybonkers

On Saturday, June 23, 2018, Ticketmaster UK identified malicious software on a customer support product hosted by Inbenta Technologies, an external third-party supplier to Ticketmaster.

As soon as we discovered the malicious software, we disabled the Inbenta product across all Ticketmaster websites.

As a result of Inbenta’s product running on Ticketmaster websites, some of our customers’ personal or payment information may have been accessed by an unknown third-party.

We are contacting you because you purchased, or attempted to purchase, tickets between February and June 23, 2018. Whilst we have no evidence to suggest your data has been compromised, we are notifying you out of an abundance of caution.

Forensic teams and security experts are working around the clock to understand how the data was compromised.

We are working with relevant authorities, as well as credit card companies and banks.

What we are doing:

- Ticketmaster International has established a dedicated website security.ticketmaster.ie to answer your questions about the Inbenta incident. You can also contact fan.help@ticketmaster.ie

- As a precautionary measure, all notified customers will need to reset their passwords when they next log into their accounts

- We are offering impacted customers a free 12 month identity monitoring service with a leading provider. To request this service please visit this page

We recommend that you monitor your account statements for evidence of fraud or identity theft. If you are concerned or notice any suspicious activity on your account, you should contact your bank(s) and any credit card companies.

Ticketmaster understands the importance of your personal information. We take the protection of that information very seriously and we are sorry to have to write to you in these circumstances.



Faithfully,

The Ticketmaster Team

The Nal

"As a precautionary measure, all notified customers will need to reset their passwords when they next log into their accounts".

If you got an email is that a notification?

johnnyskeleton

Whats an identity monitoring service? Do they ring you up and ask for Brian to see if youre still you?

Dr Turk Turkelton

johnnyskeleton wrote: »

Whats an identity monitoring service? Do they ring you up and ask for Brian to see if youre still you?

I'm Brian and so is my wife.

dreamers75

10+ Billion revenue, GDPR gonna have a field day if anything identifiable is in there.

Grab All Association

Wonder does it apply to Seatwave too?

GhostInTheRuins

I got the email too.

It's better to err on the side of caution I suppose. I called AIB and they've been in contact with ticketmaster, they said that they're not sure if card details have been stolen but aib recommended I get a new card just to be safe.

Zardoz

Neteller rang me on Monday saying that they had cancelled my Mastercard due to a potential security issue ,I was curious as to what it was at the time as I hadnt used it in a while ,now I think I know .

G_R

Off topic I know, but it's annoying that the website has a .ie domain and they constantly refer to UK customers only being affected.

Get the country name right lads

Toast

G_R wrote: »

Off topic I know, but it's annoying that the website has a .ie domain and they constantly refer to UK customers only being affected.

Get the country name right lads

It really isn't off topic because it is really confusing what has actually been leaked if you're an Irish customer or not. They refer to international customers (ie all non Ticketmaster US customers) maybe impacted then also specifically say the affected people are limited to UK customers but the mail to international customers is for precautionary purposes. So which is it? Also are we under the umbrella of UK customers (incorrectly?).

As a result of Inbenta's product running on Ticketmaster International websites, some of our customers' personal or payment information may have been accessed by an unknown third-party.

We have contacted customers who may have been affected by the security incident. UK customers who purchased, or attempted to purchase, tickets between February and June 23, 2018 may be affected. As a precautionary measure we have also notified international customers who purchased in this period.

Which countries have been affected?
Based on our investigation, we understand that only certain UK customers who purchased or attempted to purchase tickets may have been affected by the incident. As a precaution we are also notifying all Ticketmaster International customers outside the UK that they will need to reset their passwords when they next log into their accounts. Customers in North America are not affected.

This is a mess.

dragonfly!

I got a text from BOI last week to say that there were sending me a new card due to fraudulent activity on my card
I guess I know who is to blame now...

JamieCarra

GhostInTheRuins wrote: »

I got the email too.

It's better to err on the side of caution I suppose. I called AIB and they've been in contact with ticketmaster, they said that they're not sure if card details have been stolen but aib recommended I get a new card just to be safe.

dragonfly! wrote: »

I got a text from BOI last week to say that there were sending me a new card due to fraudulent activity on my card
I guess I know who is to blame now...

Got a similar notification for a card that I would have used to order tickets for events in NI in the past but nothing for the card that I would have used for Dublin gigs yet,  BOI on the ball as usual...

Toast

AIB Customer care refuse to be drawn on twitter wheter it is necessary to cancel the card if you got the email. Just repeated the line on the mail to contact them if there was fradulent activity. My guess is either no one really knows what is up or they know the breach wasn't the actual account details but some way of using them in their stored state that is now closed.

JaMarcus

I tried to log in to Ticketmaster today and it wouldn't accept my password - kept saying it was incorrect. I use LastPass so I wasn't typing it incorrectly. I had to request a temporary password and change it before I could continue.

billybonkers

JaMarcus wrote: »

I tried to log in to Ticketmaster today and it wouldn't accept my password - kept saying it was incorrect. I use LastPass so I wasn't typing it incorrectly. I had to request a temporary password and change it before I could continue.

I would suggest you cancel what ever card you had associated with that account

drake70

JaMarcus wrote: »

I tried to log in to Ticketmaster today and it wouldn't accept my password - kept saying it was incorrect. I use LastPass so I wasn't typing it incorrectly. I had to request a temporary password and change it before I could continue.

Same for me

dragonfly!

JaMarcus wrote: »

I tried to log in to Ticketmaster today and it wouldn't accept my password - kept saying it was incorrect. I use LastPass so I wasn't typing it incorrectly. I had to request a temporary password and change it before I could continue.

Yep same and all I could think about was thank GOD its not an onsale morning:eek:

Zardoz

JaMarcus wrote: »

I tried to log in to Ticketmaster today and it wouldn't accept my password - kept saying it was incorrect. I use LastPass so I wasn't typing it incorrectly. I had to request a temporary password and change it before I could continue.

It says in the email that "As a precautionary measure, all notified customers will need to reset their passwords when they next log into their accounts" .

You cant log in though to change the password ,you need to reset it .
You wont be able to log in unless you request a new password .
Not very well explained or implemented by Ticketmaster .

RockDesk

Zardoz wrote: »

It says in the email that "As a precautionary measure, all notified customers will need to reset their passwords when they next log into their accounts" .

You cant log in though to change the password ,you need to reset it .
You wont be able to log in unless you request a new password .
Not very well explained or implemented by Ticketmaster .

I agree. I was worried because I thought I had been hacked and locked out of my account by who/what ever hacked the system because I didn't get the reset password prompt that Ticketmaster has said I get.

Tango One

The hackers tried to have a field day on my card last night. I should have cancelled my card. Most of the transaction where refused but a few went through. A pain in the arse this is now. My bank want me to contact the guards and open a case. I'm probably open to identity thief now too. All due to Ticketmaster incompetence

Fann Linn

Tango One wrote: »

The hackers tried to have a field day on my card last night. I should have cancelled my card. Most of the transaction where refused but a few went through. A pain in the arse this is now. My bank want me to contact the guards and open a case. I'm probably open to identity thief now too. All due to Ticketmaster incompetence

Any idea who is liable and more importantly whether the bank or ticketmaster will reimburse?Genuine question as I only purchased tickets a forthnight ago, and touch wood, all seems OK for now, however I'm constantly checking the account to make sure. I'd cancel the card only for I'm going on holidays soon and I'm afraid I won't have a new one in time.

Tango One

I'm sure the bank will reimburse me but I need to open a case with the guards. But it may take time plus I'm worried about identity theft too.

Arne_Saknussem

Fann Linn wrote: »

Any idea who is liable and more importantly whether the bank or ticketmaster will reimburse?Genuine question as I only purchased tickets a forthnight ago, and touch wood, all seems OK for now, however I'm constantly checking the account to make sure. I'd cancel the card only for I'm going on holidays soon and I'm afraid I won't have a new one in time.

I just canceled my card & they've said i'll have a replacement delivered before the end of the week.

Call me Al

Were these cards that have been compromised stored on your ticketmaster account?
I received the email but I don't ever store the card details with the account. I used ticketmaster twice recently enough but haven't had any dodgy transactions appear so far. My card expired last month so i got a new one anyway.

dragonfly!

Fann Linn wrote: »

Any idea who is liable and more importantly whether the bank or ticketmaster will reimburse?Genuine question as I only purchased tickets a forthnight ago, and touch wood, all seems OK for now, however I'm constantly checking the account to make sure. I'd cancel the card only for I'm going on holidays soon and I'm afraid I won't have a new one in time.

You should have a new card within a few days
I was contacted on the Tuesday and got a new card on the Friday

Fann Linn

dragonfly! wrote: »

You should have a new card within a few days
I was contacted on the Tuesday and got a new card on the Friday

Thanks. I'll have a word with the bank tomorrow.

RockDesk

I contacted my bank (BOI) who said that if I hadn't been contacted by them, that I should be ok. They're aware of the breach and are acting on it.

thebiglad

Just received the identification monitoring email from Ticketmaster - totally focused on UK customers so will be of limited use i fear - have filled in all I can and see if anything comes of it.

Had strange transactions on my BOI Credit Card about 1 month before I was contacted by Ticketmaster and BOI had already blocked and replaced the card for me.

As I have 10 cards which they can trace I put the card details into the portal of the provider given by Ticketmaster and they are not flagging the card as exposed (could be coincidence I suppose)...

phunkadelic

I was seeing warnings from Symantec AV on ticketmaster.ie for about a month. From mid May roughly.
Warning was along the lines of mass injection
https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=28821

ArrBee

I'm trying to decide if the identity monitoring offer is a wise move or not.

My take on it is that to be effective, you have to provide all your personal data to this 3rd party who will then use it to compare against data picked up from "dodgy locations" thus indicating your details are being traded.

with all of your data sitting at this 3rd party, surely they are an attractive target for attack?
never mind the data that ticketmaster may have leaked, this could be worse....

ArrBee

Call me Al wrote: »

Were these cards that have been compromised stored on your ticketmaster account?
I received the email but I don't ever store the card details with the account. I used ticketmaster twice recently enough but haven't had any dodgy transactions appear so far. My card expired last month so i got a new one anyway.

The way the hack was done was to scrape details from the payment screen as you were making a ticket purchase and send the data elsewhere.
it didn't need to be "stored" in ticketmaster at all.
In fact, ticketmaster wasn't breached to achieve the hack. A 3rd party vendor was supplying services to ticketmaster (customer management services) where the 3rd party hosts the code and the ticketmaster site references the external code that then runs in your browser.

It seems that between Ticketmaster asking the vendor to modify the code specifically for them, ticketmaster calling the code to run on the payments screen (not a bright idea), the 3rd party *possibly* being hacked and the code being altered (to send data out to the baddies), anyone making a payment will have data compromised.