A security breach has compromised the UK's customer database of one of the world's biggest ticket-selling giant Ticketmaster.
The online entertainment retail service has warned their UK customers that they could be at risk of fraud or identity theft after the group admitted around 5% of all Ticketmaster UK users were affected by this cyber attack.
The hackers may have accessed some of the private data that includes login information, users' payment data, addresses, name, and phone numbers. All customers are advised to change their passwords if they use the same password on other sites.
“UK customers who purchased, or attempted to purchase, tickets between February and June 23, 2018, may be affected as well as international customers who purchased, or attempted to purchase, tickets between September 2017 and June 23, 2018,” state Ticketmaster in their official notice. “Less than 5% of our global customer base has been affected by this incident. Customers in North America have not been affected.”
The company discovered malicious software their third chat widget powered by Inbenta Technologies, which is a third-party artificial intelligence tech supply, they have now disabled Inbenta chat for all its websites.
“As a result of Inbenta’s product running on Ticketmaster International websites, some of our customers’ personal or payment information may have been accessed by an unknown third-party. Information which may have been compromised includes name, address, email address, telephone number, payment details and Ticketmaster login details.”
However, Inbenta's CEO Jordi Torras refuted the claims that the breach happened from their end. He clarified that no other client has been ever affected by any kind of cyber attack.
"We can confirm with 100 percent certainty that no data was taken from our servers and no other customers other than Ticketmaster were affected. The JavaScript we created specifically for Ticketmaster was used on a payments page, which is not what we built it for. Had we known that script would have been used in that way, we would have advised against it, as it poses a security threat," said Torras.
Meanwhile, the forensic teams and security experts are working together to find out how data was compromised, and how many customers were affected by the data breach.