BF-SIRT Newsletter 2018-25

Ticketmaster chat feature leads to Credit-Card Breach

Tens of thousands of people have been caught up in a data breach at Ticketmaster UK, which exposed credit-card and personal information for UK and some international customers.

The ticket-selling giant said that on Saturday it found malware within a customer chat function for its websites, hosted by Inbenta Technologies. Worryingly, the malicious code was found to be accessing an array of information, including name, address, email address, telephone number, payment details and Ticketmaster login details.

The malware also went undetected for months, Ticketmaster said. The breach affects those who purchased, or attempted to purchase, event tickets between September 2017 and June 23 of this year. About 5 percent of its customer base is affected, the company noted, which according to the BBC’s calculations works out to 40,000 or so victims.

Ticketmaster has since disabled the feature, which was running on Ticketmaster International, Ticketmaster UK, GETMEIN! and TicketWeb websites. It also said in a website notice that “forensic teams and security experts are working around the clock to understand how the data was compromised,” and said that it has notified the affected customers.

Top 5 Security links

Top 10 most abused top level domains
Google to Fix Location data leak in Google Home, Chromecast
Marketing firm Exactis leaked a personal info database with 340 million records
Botnets evolving to mobile devices
Announcing: STARTTLS Everywhere: Securing hop-to-hop email delivery