Ticketmaster Data Breach – Repercussions

Personal Data ProtectionPrivacy in Business (& EnterpriseOnline Privacy PracticesLegal & Regulatory UpdatesData SecurityPrivacy TechnologyPrivacy News & TrendsData BreachDigital SecurityPersonal Data
Written By Fazila Moosa

Ticketmaster acknowledged in May that hackers stole 560 million customers’ data for ransom. In a U.S. Securities and Exchange Commission filing on May 20, the company confirmed unauthorized activity . Ticketmaster’s parent company, Live Nation Entertainment, said it had “identified unauthorized activity within a third-party cloud database environment.” 

ShinyHunters, a hacker group believed to have been formed around 2020, appears to have been behind the breach. 

Ticketmaster pointed to a support document when asked for comment but did not provide anything further. The document says that the breach involves customers who purchased tickets with the company in North America. Accessed information "may include email, phone number, encrypted credit card information as well as some other personal information provided to us" the page says.  

Meanwhile, California residents Cynthia Ryan and Rosalia Garcia filed a lawsuit over the data breach in California’s Central District Court. The pair allege that both Ticketmaster and Live Nation failed to properly secure their personal information and then listed the data for sale for $500,000 on the dark web. 

North of the border, the Privacy Commissioner of Canada has launched an investigation into Ticketmaster Canada following the cybersecurity incident in response to a complaint. The regulator will assess Ticketmaster’s compliance with the the Personal Information Protection and Electronic Documents Act (PIPEDA). It will examine the company’s practices with respect to security safeguards and whether the company complied with breach notification requirements. 

How Ticketmaster dealt with this breach has become a key concern of the regulators and the public.

Join PRIVATECH in the Certified Information Privacy Manager (CIPM) certification course to discuss data breach management best practices that reduce reputational costs. Or, join us for a privacy pro course first to take advantage of our bundled course options! Courses will be led by an experienced official training partner of the International Association of Privacy Professionals. CLICK HERE for more information.

 

Fazila Moosa
Previous

B.C. Police Officers Claim Privacy Rights Violated  when WhatsApp Texts Accessed 
Next

TikTok – Privacy Enforcement in the U.S. and Canada is a Struggle