Ticketmaster was warned about cyber attack in April, says Monzo bank
Image credit: Dreamstime
Ticketmaster was warned about a cyber attack in which the details of 40,000 UK customers may have been accessed in April, according to digital bank Monzo, but only came forth with the information publicly last night.
The online ticketing service said on Wednesday that it did not identify the breach until June 23, when it “took swift action” and informed the relevant authorities.
Monzo said it replaced the bank cards of 50 customers who had reported fraudulent transactions on April 6 and, following its own investigation, found that 70 per cent of those affected had used their cards with Ticketmaster in the previous five months.
The digital bank said that following this discovery and further reports of fraudulent transactions from accounts that had previously interacted with Ticketmaster, it alerted the ticket site.
“Given the pattern that was emerging, we decided to reach out to Ticketmaster directly. On Thursday 12 April, members of the Ticketmaster security team visited the Monzo office so we could share the information we’d gathered,” Monzo’s head of financial crime, Natasha Vernier, wrote on the company’s web site.
“They told us they’d investigate internally.”
The ticket sales site said that malicious software on third-party customer support product Inbenta Technologies was behind the hack.
In a statement issued on a dedicated website set up after the security breach was identified on Saturday, Ticketmaster said less than 5 per cent of its global customer base had been affected, with none in North America.
It added: “As a result of Inbenta’s product running on Ticketmaster International web sites, some of our customers’ personal or payment information may have been accessed by an unknown third party.
“We have contacted customers who may have been affected by the security incident.
“UK customers who purchased, or attempted to purchase, tickets between February and June 23 2018 may be affected, as well as international customers who purchased, or attempted to purchase, tickets between September 2017 and June 23 2018.”
In response to Monzo, a Ticketmaster spokesman said: “When a bank or credit card provider alerts us to suspicious activity, it is always investigated thoroughly with our acquiring bank, which processes card payments on our behalf.
“In this case, there was an investigation, but there was no evidence that the issue originated with Ticketmaster.”
Following Monzo’s investigation in April and after further reports of suspicious transactions, the bank said it sent out 6,000 replacement cards to all customers who had used their accounts at Ticketmaster.