Ticketmaster warns Canadians of data breach involving customer information
Hack may have involved personal details and credit and debit card numbers
Ticketmaster Entertainment, LLC has informed Canadians of a “data security incident” involving customers who purchased tickets to events in North America.
tap here to see other videos from our team.
Ticketmaster warns Canadians of data breach involving customer information Back to video
It said the breach may have involved personal information including names, contact information and payment card information such as encrypted credit or debit card numbers and expiration dates.
“We are fully committed to protecting your information, and deeply regret that this incident occurred,” the notice said.
Subscribe now to read the latest news in your city and across Canada.
- Exclusive articles from Barbara Shecter, Joe O'Connor, Gabriel Friedman, Victoria Wells and others.
- Daily content from Financial Times, the world's leading global business publication.
- Unlimited online access to read articles from Financial Post, National Post and 15 news sites across Canada with one account.
- National Post ePaper, an electronic replica of the print edition to view on any device, share and comment on.
- Daily puzzles, including the New York Times Crossword.
Subscribe now to read the latest news in your city and across Canada.
- Exclusive articles from Barbara Shecter, Joe O'Connor, Gabriel Friedman, Victoria Wells and others.
- Daily content from Financial Times, the world's leading global business publication.
- Unlimited online access to read articles from Financial Post, National Post and 15 news sites across Canada with one account.
- National Post ePaper, an electronic replica of the print edition to view on any device, share and comment on.
- Daily puzzles, including the New York Times Crossword.
Create an account or sign in to continue with your reading experience.
- Access articles from across Canada with one account.
- Share your thoughts and join the conversation in the comments.
- Enjoy additional articles per month.
- Get email updates from your favourite authors.
Sign In or Create an Account
The ticket sales company, under parent Live Nation Entertainment, said the breach occurred between April 2 and May 18 and involved unauthorized activity by a third party.
The third party obtained information from a cloud database hosted by another third-party data services provider, it said.
Ticketmaster has not named which organization was involved in the hacking, but U.S. media outlets report that the black-hat criminal hacker group ShinyHunters may have stolen the data.
Wired reported last month that a ShinyHunters hacker said they gained access to Ticketmaster’s Snowflake cloud account — and others — by first breaching a third-party contractor.
Tickemaster said it has not seen any additional unauthorized activity in the cloud database since it began its investigation in mid-May.
In a filing made to the Attorney General of Maine, Ticketmaster said the total number of persons affected is over 1,000.
The company started notifying U.S. customers of the breach in late June but didn’t inform Canadian customers until July 8.
“We have been diligently investigating this incident with the assistance of outside experts,” it said in the email notice to Canadians. “We have also contacted and are cooperating with U.S. federal law enforcement authorities, and this notice has not been delayed due to law enforcement investigation.”
It added that it has taken measures to enhance the security of its systems and customer data. These include rotating passwords for all accounts associated with the affected cloud database, reviewing access permissions and increased alerting mechanisms.
It advises Canadian customers to monitor their accounts, bank and credit card statements and free credit reports for signs of suspicious activity. The company is also offering free 12-month identity monitoring with TransUnion of Canada Inc., which will look out for personal data on the dark web.
Ticketmaster accounts were not affected by the breach, it said, adding that users aren’t required to reset their password.
“Customers can continue to conduct business with Ticketmaster as normal and without issue,” it said.
In May, the U.S. Justice Department, along with 30 State and district attorneys general, filed a civil antitrust lawsuit against Ticketmaster and its parent company for “monopolization and other unlawful conduct that thwarts competition in markets across the live entertainment industry.”
• Email: dpaglinawan@postmedia.com
Bookmark our website and support our journalism: Don’t miss the business news you need to know — add financialpost.com to your bookmarks and sign up for our newsletters financialpost.com.