Ticketmaster scrambles to notify users after data breach

Customised JavaScript code opened door to attackers

Ticketmaster is contacting customers from the UK and Ireland who used its website between February and 23 June following the discovery of a data breach caused by a customer support product.

It was discovered that software developed by Inbenta Technologies was exporting customer names, addresses, e-mail addresses, telephone numbers, login and payment details to an unknown third party.

“On the evening of Saturday, June 23rd, we received notice from our customer Ticketmaster that the personal data of its users may have been compromised,” explained Inbenta CEO Jordi Torras on the company website.

“Upon further investigation by both parties, it has been confirmed that the source of the data breach was a single piece of JavaScript code, that was customised by Inbenta to meet Ticketmaster’s particular requirements. This code is not part of any of Inbenta’s products or present in any of our other implementations.

“Ticketmaster directly applied the script to its payments page, without notifying our team. Had we known that the customised script was being used this way, we would have advised against it, as it incurs greater risk for vulnerability. The attacker(s) located, modified, and used this script to extract the payment information of Ticketmaster customers processed between February and June 2018.

“We have resolved the vulnerability as of June 26th. We have also thoroughly checked all custom and general scripts and snippets, and we are completely confident that no other customer of Inbenta has been compromised in any way. We can fully assure our customers and end-users that no other implementation of Inbenta across any of our products or customer deployments has been affected.”

Ticketmaster has offered all notified customers a 12-month subscription to an identity management service and advised them to change their passwords.

TechCentral Reporters