Ticketmaster UK fined by ICO following hack


Ticket sales and distribution company Ticketmaster was fined by the UK Information Commissioner’s Office (ICO) for a breach that occurred over the course of several months in 2018.

According to an ICO press release, the company has to pay about $ 1.65 million for failing to properly protect its customers’ data.

The communications guard says that Ticketmaster did not have “appropriate security measures” in place to prevent a cyber attack in the first place.

Since the data breach happened after May 25, 2018, and was detected and stopped before the UK left the EU, the data breach falls under the General Data Protection Regulation (GDPR) and the ICO treated it as such.

Ticketmaster deployed a third-party chatbot on its payment page so that cyber criminals were able to obtain customer data, the ICO investigation found.

As a result of the data breach, the names, payment card numbers, expiration dates and CVV numbers of around 9.4 million Ticketmaster customers based in Europe were revealed.

About 60,000 Barclays Bank credit cards and 6,000 Monzo Bank cards were known to be a direct result of the breach.

“Ticketmaster should have done more to reduce the risk of a cyber attack. Since it has not, millions of people in the UK and Europe have been exposed to potential fraud, ”said James Dipple-Johnstone, Deputy Commissioner.

“The £ 1.25 million fine we fined today will signal to other organizations that keeping their customers’ personal information safe should be high on their agenda.”

After Ticketmaster received an indication of possible fraud, it took nine weeks to identify the vulnerability and remove it from the system.