Elite Cyber Agency, LLC

3395 Furys Ferry Rd

Suite 3, PMB 218

Martinez Ga, 30907

Email: info@elitecyberagency.com 

Ticketmaster Suffers Security Breach – Personal and Payment Data Stolen

 

Global entertainment ticketing service Ticketmaster has admitted that the company has suffered a security breach, warning customers that their personal and payment information may have been accessed by an unknown third-party.

The company has blamed a third-party support customer service chat application for the data breach that believed to affect tens of thousands of its customers.

The customer support chat application, made by Inbenta Technologies—a third-party artificial intelligence tech supplier—used to help major websites interact with their customers.

 


In its statement, Ticketmaster said it discovered malicious software on the customer support application hosted on its UK website that allowed attackers to extract the personal and payment information from its customers buying tickets.

Ticketmaster disabled the Inbenta product across all of its websites as soon as it recognized the malicious code.

However, Inbenta Technologies turned away blame back to Ticketmaster, saying that the ticketing service deployed the chat application improperly on its website.

"Upon further investigation by both parties, it has been confirmed that the source of the data breach was a single piece of JavaScript code, that was customized by Inbenta to meet Ticketmaster's particular requirements," Inbenta chief executive Jordi Torras said in a statement. 

 

"This code is not part of any of Inbenta's products or present in any of our other implementations. Ticketmaster directly applied the script to its payments page, without notifying our team."

 

Inbenta said by applying this Javascript to the payment page, Ticketmaster presented attackers with "a point of vulnerability that affects the capacity for web forms to upload files," allowing attackers to locate, modify, and use the script to "extract the payment information of Ticketmaster customers processed between February and June 2018."

Compromised information includes name, address, email address, telephone number, payment details and Ticketmaster login details of its customers.

 

Neither Ticketmaster nor Inbenta did say the number of customers affected by the incident, but the ticketing service did confirm that less than 5% of its global customer base has been affected.

 


Inbenta is entirely confident that no other customer of Inbenta has been compromised in any way, and that the incident has "nothing to do with any of its industry-leading AI and machine learning products," which serve hundreds of customers on six continents.

 

Ticketmaster said that it has emailed all affected customers, and is offering 12 months of free identity monitoring service for those who have been impacted.

Affected customers are also advised to keep a close eye on their bank account transactions for signs of any suspicious activity, and immediately notify their banks if found any.

Users are also advised to be cautious if they receive any suspicious or unrecognized phone call, text message, or email from anyone saying you must pay taxes or a debt immediately—even if they provide your personal information.

 

 

 

 

 

Share on Facebook
Share on Twitter
Please reload

Featured Posts

The Future of Cybersecurity Jobs

June 28, 2018

1/3
Please reload

Recent Posts
Please reload

Archive
Please reload

Search By Tags
Please reload

Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square