A large number of people who bought, or attempted to buy, tickets through Ticketmaster between February and 23 June 2018 may have had their personal information compromised.
The live event ticket seller is emailing anyone who might have been affected to let them know and to warn them to change their login details.
On a website that has been set up to handle the data breach, Ticketmaster said that on 23 June it identified malicious software on a customer support product run by Inbenta Technologies – a third-party supplier.
The software was exporting customers’ data to an unknown third party.
Which? managing director of home products and services, Alex Neill, said: ‘Many thousands of customers will be seriously concerned about this latest data breach.
‘Those who believe they may be affected should keep a very sharp eye on any accounts linked to their Ticketmaster logins, and be wary of suspicious emails or messages from fraudsters. Ticketmaster users whose data might have been compromised should change their password, and if they use that password on any other website, change it there too.’
Monzo suspected Ticketmaster of data breach
Digital bank Monzo said it spotted the signs of a data breach on 6 April when about 50 of its customers reported fraudulent activity on their accounts.
After investigating, Monzo found that 70% of those affected had used their cards on Ticketmaster between December 2017 and April 2018.
The company then saw more fraudulent activity in other customers’ accounts who’d used Ticketmaster that weekend.
On 12 April, Monzo presented its findings to Ticketmaster’s security team and who told them the ticketing site would investigate the issue internally.
A week later, Tickemaster told Monzo that they had found no evidence of a breach and that no other banks were reporting similar patterns.
But Monzo said it was certain there was a data breach so proactively sent out 6000 replacement cards to any of its cardholders who had used Ticketmaster.
What Ticketmaster has said about the breach
Ticketmaster said: ‘As soon as we discovered the malicious software, we disabled the Inbenta product across all Ticketmaster websites.
‘As a result of Inbenta’s product running on Ticketmaster International websites, some of our customers’ personal or payment information may have been accessed by an unknown third party.
‘Forensic teams and security experts are working around the clock to understand how the data was compromised.’
The customer information that may have been compromised includes names, addresses, email addresses, telephone numbers, payment details and Ticketmaster login details.
Inbenta’s affected product was running on Ticketmaster International, Ticketmaster UK, GetMeIn! and TicketWeb websites in the UK and overseas. North American customers were not affected.
How do I know if I’ve been affected?
Ticketmaster said that it is contacting anyone who might have been affected, as they will need to change their passwords when they next log into their accounts.
But when Which? logged in after being sent the data breach notification, no password change prompt came up.
Affected customers have also been offered a free 12-month identity-monitoring service.
Anyone who has been notified that they could have been part of the breach is being asked to monitor their account statements for any evidence of fraud or identity theft.
Ticketmaster said that less than 5% of its global customers were affected, but Ticketmaster is a major ticket retailer, controlling approximately 80% of ticket sales around the world.
I think I’ve been a data breach victim
If you’ve noticed any suspicious account activity, you should contact your bank or credit card company immediately.
We have more information on our Consumer Rights website, which gives advice on how to stay safe after your data has been breached and how to claim compensation.