Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.
What is This Claim About?
A U.K. law firm is seeking claimants for group litigation against Ticketmaster U.K. following a 2018 data breach that compromised millions of customers’ personal data.
The Information Commissioner’s Office investigated the breach and found about 9.4 million European Ticketmaster customers — including 1.5 million in the U.K. — had their names and payment card information compromised in the incident.
Who’s Eligible?
Those who believe their information may have been compromised in the Ticketmaster data breach may be eligible to file a claim.
According to law firm Keller Lenkner, the following may indicate your data has been exposed:
- bills or emails regarding goods or services you didn’t order
- unfamiliar transactions on your bank or credit card account
- an unexpected credit score decrease
- increased unsolicited communications and spam
- phishing attempts seeking personal data or referring you to a web page that asks for your personal information
How Much Compensation Will I Receive?
If the case is successful, qualified Class Members will receive compensation for Ticketmaster’s role in the data breach.
The amount each person will receive will be determined in court.
How Do I Join?
To begin your claim, contact Keller Lenkner.
Other firms may be added before the case goes to court.
A U.K. law firm is seeking claimants for a group litigation against Ticketmaster U.K. following a 2018 data breach that compromised millions of customers’ data.
Anyone who believes their information may have been compromised in the data breach may be eligible to seek compensation in this group litigation.
The Ticketmaster Data Breach
The Ticketmaster data breach on four of the company’s sites was announced in June 2018 and affected about 5% of the site’s customers who purchased tickets or attempted to make a purchase between February and June of that year, Ticketmaster said at the time, according to Latest Hacking News.
International visitors to the site who made or attempted a purchase between September 2018 and June 2018 also may have had their data compromised.
However, NBC News later reported, the breach was actually part of a larger payment card-skimming scheme that affected more than 800 e-commerce websites.
An assessment by cybersecurity firm RiskIQ revealed hackers actually breached Inbenta Technologies, a firm working with Ticketmaster; Ticketmaster itself was reportedly not breached.
However, the hackers — a group known as Magecart — did access consumers’ payment information, NBC News reported. The group used similar strategies on several sites, meaning thousands of people’s information likely was targeted, RiskIQ determined.
RiskIQ also determined the breach actually affected 17 of Ticketmaster’s websites over a longer period than the originally reported February-through-June window.
Ticketmaster blamed the breach on Inbenta, which provided a chatbot on the site’s payment page.
Inbenta’s CEO said the breach occurred through a custom Ticketmaster JavaScript code, according to Latest Hacking News.
But the company maintained it wasn’t aware the code had been implemented.
“After a careful analysis of all clues and snapshots from our systems, the technical team at Inbenta discovered that the script had been implemented on the payment page,” the company said on its website. “We were unaware of this, and would have advised against doing so had we known, as it presents a point of vulnerability.”
According to Inbenta, an analysis of its file systems showed only three files were altered, affecting three Ticketmaster websites.
“No other file has been affected, and therefore we are completely confident that no other customer of Inbenta has been affected.”
Ticketmaster removed the chatbot on 23 June 2018.
The Breach Aftermath
The Information Commissioner’s Office (ICO) investigated the data breach and found about 9.4 million Ticketmaster customers in Europe — about 1.5 million in the U.K. — had their names and payment card information breached in the incident.
The ICO also found around 60,000 Barclays Bank payment cards were exposed to fraud, in addition to 6,000 Monzo Bank cards that were replaced after suspected fraud.
Ticketmaster reportedly took nine weeks to begin monitoring traffic on its online payment page after being alerted about possible fraudulent activity, the ICO said.
According to the ICO, the attacker did, indeed, access customers’ information through the chatbot.
However, through its investigation, the ICO determined Ticketmaster had not only failed to implement adequate security protocols, it also failed in assessing the risks associated with payment-page chatbot use and to identify the source of the fraud in a timely manner.
Because of these shortcomings, the ICO ultimately hit Ticketmaster with a £1.25 million fine in November 2020.
The fine was levied under the General Data Protection Regulation (GDPR), which came into effect 25 May 2018; the fine covers the breach only from that point forward.
Ticketmaster said it plans on appealing the fine.
“Since Inbenta Technologies was breached in 2018, we have offered our full cooperation to the ICO,” Ticketmaster said, as reported by the BBC. “We plan to appeal [against] today’s announcement.”
ATTORNEY ADVERTISING
Top Class Actions is a Proud Member of the American Bar Association
LEGAL INFORMATION IS NOT LEGAL ADVICE
Top Class Actions Legal Statement
©2008 – 2024 Top Class Actions® LLC
Various Trademarks held by their respective owners
This website is not intended for viewing or usage by European Union citizens.
One thought on Ticketmaster Data Breach Group Action Open Claim
link doesn’t work