Featured News

New bank cards still being issued after TM data breach

Ticketmaster’s UK customers are continuing to have new bank cards issued following last year’s data breach.

The breach affected up to 40,000 Ticketmaster customers who had bought tickets online between February and June 2018. The hackers obtained names, addresses, email, telephone numbers and payment details.

Lloyds Bank, Halifax and Bank of Scotland are among the institutions that have already dispatched new cards over fears personal details and payment information has been compromised.

However, banks such as NatWest are only now sending customers new cards – more than seven months after the discovery of the breach.

While the delay in receiving a new card is worrying for some customers, Ticketmaster UK told TheTicketingBusiness.com that there have been no further breaches since last summer.

GDPR to be tested

The data breach is one of the most high-profile of recent years and certainly since new data laws were implemented in May 2018.

Legal firm Hayes Connor said that the Ticketmaster data breach could be a major test to check if much-heralded new data legislation across the UK and European Union will actually hold companies to account.

The breach actually spans two different UK data protection acts: The Data Protection Act (DPA) 1998 and the Data Protection Act (DPA) 2018 (the UK’s version of the GDPR).

The two acts have significantly different level of fines, with the first up to a maximum of £500,000, and the second up to £17m or 4 per cent of an organisation’s annual turnover.

Hayes Connor said that the breach could be judged under both acts, or that the entire data protection failure could be treated as a breach under GDPR as it kept happening after the new laws came into force last May. 

The firm said: “If GDPR is used, the Ticketmaster data breach case will be considered a test case that is likely to set the tone for action to be taken by the Information Commissioners Office (ICO) in future breaches.

“The only way for you to hold Ticketmaster to account is to make a data breach compensation claim.”


Posted in Featured NewsTagged | | | |