Ticketmaster ‘warned in April' of cyber attack
Digital bank Monzo has claimed it warned Ticketmaster in April that it may have been the victim of a cyber attack.
The online ticketing service said on Wednesday that it did not identify the breach until June 23, when it “took swift action” and informed the relevant authorities.
Monzo said it replaced the bank cards of 50 customers who had reported fraudulent transaction on April 6, and, following its own investigation, found that 70% of those affected had used their cards with Ticketmaster in the previous five months.
The digital bank said that, following this discovery and further reports of fraudulent transactions from accounts that had previously interacted with Ticketmaster, it alerted the ticket site.
“Given the pattern that was emerging, we decided to reach out to Ticketmaster directly. On Thursday 12th April, members of the Ticketmaster security team visited the Monzo office so we could share the information we’d gathered,” Monzo’s head of financial crime, Natasha Vernier, wrote on the company’s website.
“They told us they’d investigate internally.”
Rather than an internal breach, Ticketmaster said on Wednesday that it had identified malware in a third-party customer support product from Inbenta Technologies as the source of the attack, which may have affected up to 40,000 UK customers.
The new General Data Protection Regulation (GDPR) requires companies to disclose data breaches within 72 hours of learning about the issue.
Ticketmaster confirmed it was notifying customers it believes may have been affected by the breach and is making users reset their passwords the next time they visit the site.
In response to Monzo, a Ticketmaster spokesman said: “When a bank or credit card provider alerts us to suspicious activity, it is always investigated thoroughly with our acquiring bank, which processes card payments on our behalf.
“In this case, there was an investigation, but there was no evidence that the issue originated with Ticketmaster.”
Following Monzo’s investigation in April and after further reports of suspicious transactions, the bank said it sent out 6,000 replacement cards to all customers who had used their accounts at Ticketmaster.
“Throughout this period we were in direct contact with Ticketmaster. On Thursday 19th April, they told us an internal investigation had found no evidence of a breach and that no other banks were reporting similar patterns,” Ms Vernier said.
She added: “We’re glad to see that Ticketmaster have shared the information publicly, so their customers can take steps to protect themselves.
“It’s incredibly important that companies always work together to protect customers, and we’ll always work hard to make sure this is the case.”
The National Cyber Security Centre (NCSC) has confirmed it is looking into the data breach.