The Ticketmaster data breach compensation action is underway. We’ve accepted No Win, No Fee cases having assessed the prospects of the case.
There are a number of factors that have come to light that means we’re confident Ticketmaster is liable to pay compensation to victims. With some 40,000 customers affected and a number of claims taken on – including one for a member of our own staff – we’re moving ahead with our legal action.
If you’re affected, you can contact our team for Ticketmaster data breach compensation advice now.
About the Ticketmaster data breach
On Wednesday this week, Ticketmaster notified thousands of customers that their personal details and payment information has been compromised as a result of an unknown third-party gaining access to what Ticketmaster labelled as a “third-party support product”.
Anyone who used the service for tickets between February 2018 and June 2018 may be affected.
As more information has come to light, we’re confident in our legal action given that there are a number of factors that indicate Ticketmaster is liable to compensate victims.
Ticketmaster ‘secretly’ used code with “greater risk for vulnerability”
The “third-party support product” that Ticketmaster appear to be trying to shift the blame on – at least by the tone of their breach notification emails, in my view – was a tool they shouldn’t have been using in the first place.
According to the authors of the tool, Inbenta, the breach arose from a single piece of JavaScript code.
An Inbenta spokesperson said:
“Ticketmaster directly applied the script to its payments page, without notifying our team. Had we known that the customized script was being used this way, we would have advised against it, as it incurs greater risk for vulnerability.”
This data breach was very preventable had they have acted more appropriately.
The Inbenta spokesperson also confirmed that: “The attacker(s) located, modified, and used this script to extract the payment information of Ticketmaster customers processed between February and June 2018.”
The data being extracted went straight into the hands of the unknown third-party. This updated information adds weight to the Ticketmaster data breach compensation action.
Ticketmaster warned by a bank two months ago
Not only was the code that was breached inappropriate for use, Ticketmaster were reportedly warned two months ago by a bank that a data breach had occurred.
This would have been an opportunity for Ticketmaster to have nipped the breach in the bud, yet they appear to have done nothing about it given that there are customers who have been affected who used the service in the last two months.
This is inexcusable.
Victims claiming in the Ticketmaster data breach compensation action must, of course, prove that they have a claim to answer for. The use of the inappropriate code and the news that they were reportedly aware of the breach two months ago supports the case for compensation, on top of the fact that the vulnerability existed for far too long without being identified.
Joining the Ticketmaster data breach compensation action
You may be eligible to join the Ticketmaster data breach compensation action if you have received the breach notification email having used the service between February 2018 and June 2018. The breached script is said to have been running on their Ticketmaster UK, Ticketmaster International, GETMEIN! and TicketWeb sites.
Much like the Equifax compensation action we’re helping people for, we’re offering representation on a No Win, No Fee basis.
Data breached includes names, addresses, email address, phone numbers, login information and payment details.
Now, the UK’s Information Commissioner’s Office (ICO) has the power to fine companies £17m or 4% of the company’s annual turnover as a result of the GDPR changes. We’re keen to know what action they will choose to take.
For help, contact our team today.