40,000 Ticketmaster customers hacked They charge big booking fees, so what am I paying for?
Criminals had access to all their bank details since February – but victims weren’t told of breach
THOUSANDS of customers of Britain’s largest online ticket seller have had their bank details hacked, it emerged last night.
Fraudsters may have had access to information from 40,000 Ticketmaster users from February this year.
But unlike previous hacks, all of their information may have been taken, including the three- digit CVC security number written on the back of debit cards. That number is needed to complete an online transaction.
Any information inputted into the website may have been taken, Ticketmaster has admitted.
Some customers have already seen suspicious activity on their bank accounts, with fraudsters spending money on services such as Uber and Netflix.
Digital bank Monzo noticed customers cards had been compromised in April and told Ticketmaster that month. The company’s head of financial crime, Natasha Vernier said it ‘couldn’t get any traction’ from Ticketmaster, when it approached the company with concerns. In the meantime, Monzo contacted all customers who had ever dealt with Ticketmaster, about 5,000 in all, telling them to replace their cards. The Information Commissioner’s Office (ICO) is investigating the breach and Ticketmaster could be hit by fines running into millions. In the wake of the breach, the watchdog said: ‘Organisations have a legal duty to ensure that people’s personal information is held securely’. Ticketmaster sells tickets to many of the UK’s high profile live music events and theatre shows.
Many victims took to social media to criticise the company for its failure to tell customers quickly. A customer called Becky posted: ‘They’re handling it awfully. A simple email and then an automated message whenever you try to contact them. Very poor when they are someone you have given all of your bank details to. A less generic response would be helpful and decent when someone trusts you with their bank details and that is then jeopardised.’ Another tweeted: ‘They don’t care’.
Ticketmaster became aware of the breach on Saturday after detecting suspicious software on a customer support system hosted by a third party supplier called Inbenta Technologies.
Despite the company finding out on Saturday, customers were only sent emails notifying them of what