Ticketmaster UK found malicious software on a third-party service, but what does this mean for its customers?
Ticketmaster notified customers yesterday (27 June) that malware had infected one of its customer support systems and could have skimmed their personal data, including payment details.
If you used Ticketmaster UK, Getmein.com or TicketWeb websites to purchase concert tickets between February and 23 June of this year, you may have been affected. According to the company, the affected customers make up less than 5pc of its global customer base.
Customer information may have been seized
The malware was found on a customer service product supplied by a third party, Inbenta Technologies. Ticketmaster found that the malicious software caused a mystery third party to receive customer data, including names, addresses, payment details, login credentials and emails. The malware then disabled Inbenta on all affected websites. No customers in North America were affected.
The ticketing service is offering affected customers a free 12-month service to monitor for instances of identity theft. Ticketmaster said it is working around the clock with forensic and cybersecurity teams to determine how the data was compromised. Authorities, credit card companies and banks have been contacted.
Customers are also advised to monitor their account statements for evidence of fraud or identity theft, and to reset their passwords.
This trend could continue
Migo Kedem, director of product management at endpoint security firm SentinelOne, said he expects this type of trend to evolve even further. “There are too many defence solutions relying on ‘who you are’ rather than ‘what you do’, so it becomes relatively easy to attack the supply chain of an application that was not designed to provide security.”
CEO of cybersecurity awareness platform CybSafe, Oz Alashe, said: “As Ticketmaster has proved today, the chink in a company’s cybersecurity defences is often found in its vast network of suppliers, partners and third-party products. While most large businesses already have a cybersecurity strategy in place, their smaller suppliers often don’t.”
This is also the first major breach since GDPR was enforced, so a close eye will be kept on proceedings, said cybersecurity expert with Thycotic, Joseph Carson. “Everyone will be paying close attention to whether Ticketmaster have complied with the regulation relating to breach notification and adequate security. Could this be the first EU GDPR victim?”
Carson also recommended that other users of Inbenta launch an incident response to ensure they are not affected.