Ticketmaster says it was the victim of a “data security incident” and the information customers provide to the company may have been compromised.
The ticket sales giant said through emails to its users and in a press release that it recently discovered “an unauthorized third party” was able to obtain information from a cloud database hosted by a third-party data services provider.
“Based on our investigation to date, we determined that the unauthorized activity occurred between April 2, 2024, and May 18, 2024,” Ticketmaster wrote in an email sent to its users on Monday. “On May 23, 2024, we determined that some of your personal information may have been affected by the incident. We have not seen any additional unauthorized activity in the cloud database since we began our investigation.”
The California-based company confirmed the cloud database contained personal information of customers who bought tickets to events in Canada, the U.S. and Mexico.
“This may include email, phone number, encrypted credit card information as well as some other personal information provided to us,” it wrote in the press release, adding it is in the process of reaching out by email or mail to customers it believes were affected.
Ticketmaster says it has been working with “the assistance of outside experts” on the matter. It also confirmed it is cooperating with U.S. federal law enforcement authorities, mentioning the announcement of the incident was not delayed due to any investigations. The company also says it’s working with credit card companies and banks.
CTVNews.ca reached out to Ticketmaster to confirm how many customers were affected, and if the company was also cooperating with Canadian authorities in any capacity. The company did not respond to CTV’s questions and instead provided a link to its press release.
The company recommends users monitor their bank accounts for fraud or identity theft, and alert their bank if they notice any suspicious activity. It is also offering identity monitoring through TransUnion for its Canadian users affected by the incident.