Ticketmaster’s data breach - what to do next

Ticket firm’s website breached by malware on a third-party service

The full extent of the breach involving Ticketmaster user data is as yet unclear, but this doesn’t mean you shouldn’t act. Photograph: iStock

The full extent of the breach involving Ticketmaster user data is as yet unclear, but this doesn’t mean you shouldn’t act. Photograph: iStock


Another week, another data breach. This time, it’s Ticketmaster’s turn.

What has happened?

Strictly speaking, it wasn’t Ticketmaster that was the target, but one of its suppliers. The company said malicious software had infected a customer support product hosted by Ibenta Technologies, which runs on Ticketmaster’s websites. Ibenta is an external third party supplier to the ticketing giant, offering products such as chatbots, knowledge management and case management such as queries that come in over email or social media.

The malware had been capturing data and passing it on to an as-yet unknown third party.

What kind of data did it get?

The full extent of the breach is unclear, but Ticketmaster said data at risk included personal and payment information. That means everything from your email address and phone number to your card information could have been compromised. Your Ticketmaster log-in details could also have been taken.

So it’s time to get changing your passwords. Again.

What did Ticketmaster do to fix this?

As soon as the malware was detected, Ticketmaster disabled the Ibenta product across all its websites. It is now in the process of contacting customers and offering them a free 12-month identity monitoring service, to keep track of any potential threats and give advice on how to rectify anything worrying that pops up. Some offer an insurance policy that will cover any monetary losses suffered as a result of identity theft. However, you must supply them with the personal details that could be at risk - which means trusting yet another company with your information.

How do I know if I’m affected?

Check your email; if your details were at risk, Ticketmaster will have made contact with you. The focus is mainly on international customers who either bought or attempted to buy tickets between September 2017 and June 23rd, and customers who did the same between February and June 23rd.

What do I need to do?

First things first, change your Ticketmaster password, just to be safe. Keep an eye on your bank account statements to monitor for any suspicious activity. If you spot anything that looks like it wasn’t a transaction you made, get in touch with your bank.

Anything else?

Do you use the same log-in details anywhere else? If so, you need to change your password there too.

Consider using a password manager such as Dashlane or LastPass. For more tips on keeping your online accounts safe, check out our “How To” on protecting your account passwords.