As a seasoned gamer with a knack for cybersecurity and a keen eye for data protection, I can’t help but feel disheartened by the latest revelations about Ticketmaster‘s data breach. With years of experience under my belt, I’ve seen enough to know that companies like Ticketmaster have a responsibility to their customers to safeguard our personal information.
Back in April, the cyber-gang known as ShinyHunters managed to penetrate Ticketmaster’s database. They collected personal data such as full names, home addresses, emails, phone numbers, and even credit card information potentially belonging to 560 million of their customers. It took Live Nation-owned Ticketmaster almost two months to detect the intrusion, and another four months to alert those affected by it.
Currently, Ticketmaster is under scrutiny due to a proposed class action lawsuit. This lawsuit claims that Ticketmaster neglected to implement robust security measures to prevent hacking incidents, did not promptly notify affected users about data breaches, and failed to guarantee that their cloud computing service provider adhered to strict data security protocols. Filed in a California federal court on Friday, the lawsuit alleges negligence and demands compensation of at least $5 million, representing damages for millions of users. The exact amount of damages is yet to be specified.
The recent cyberattack on Ticketmaster is just the latest in a series of such incidents this year, which have targeted media and telecommunications companies like Disney, Roku, and AT&T. The group responsible for this breach, ShinyHunters, demanded a ransom of $500,000 to prevent the stolen data from being sold on the dark web.
As a devoted fan, I find myself compelled to share that I’ve learned about a lawsuit alleging some oversights on Ticketmaster’s part. This suit suggests that the data breach was, unfortunately, a result of Ticketmaster failing to establish robust security measures, particularly in the area of vendor management, which is crucial for safeguarding consumer’s personal information. Given the increasing number of high-profile cyber incidents, this oversight seems particularly concerning.
The hacks, including AT&T’s, were linked to a third-party server managed by Snowflake, a cloud computing company. Users are blaming Ticketmaster for not ensuring that Snowflake, which was not mentioned in the complaint, followed appropriate security measures. They view cyber attacks as a well-known risk and argue that failing to implement necessary security steps left user data in an unsafe state.
According to the complaint, it would have been appropriate for Ticketmaster to mandate stricter data protection practices from Snowflake, including cooperation in security audits, prompt notification of users affected by hacking incidents.
Users are criticizing Ticketmaster for keeping personal data that it should have discarded. They argue that the company is using one of its services to sell user data. For instance, whenever a customer purchases merchandise or an event ticket, information such as names, physical addresses, phone numbers, emails, IP addresses, details about transactions, and preferences are collected. This data is then sold to business partners and data brokers.
The lawsuit alleges that consumers are harmed by increased risks of identify theft, fraud and spam. Since 2020, ShinyHunters have stolen over 900 million customer records in hacks of AT&T, GitHub and Pizza Hut, among other companies. With the wide swath of data available to the group, it can create so-called “Fullz” packages, which cross-references multiple sources of personal data to assemble complete dossiers on individuals, the lawsuit claims. Even without certain information, like a social security number, these packages can be used to fraudulently obtain fake driver’s licenses and loans.
The worth of this data is rising due to emerging technologies that provide opportunities for fraud. Criminals on the internet are utilizing stolen data to create more intricate scams, using advanced technologies like deepfakes and artificial intelligence for password cracking.
Users are now confronted with prolonged monitoring of both their financial and private data, as the lawsuit alleges. Besides negligence, users are asserting claims of unjust gain and violation of an implied agreement.
Information categorized as sensitive personal data may fetch prices up to approximately $360 per record, as reported by the cybersecurity education provider, InfoSec Institute.
Ticketmaster did not promptly provide a response when asked for comment. The data breach in April occurred prior to the Justice Department filing an antitrust lawsuit against them.
Read More
Sorry. No data so far.
2024-10-14 22:54