Ticketmaster has been named in a £5m ($6.5m/€5.8m) lawsuit following the major data breach on its sites in the UK last year.
The suit was filed by law firm Hayes Connor at the High Court in Liverpool, and claims that its legal action is on behalf of more than 650 of the ticketing firm’s customers that were affected by the security breach.
Up to 40,000 UK Ticketmaster customers were believed to have had “some personal or payment information” stolen following the data security breach that became public knowledge in June 2018.
Ticketmaster admitted it had been hacked by “malicious software” on third-party customer support product Inbenta Technologies. Ticketmaster said the breach was likely to have only affected UK customers who purchased or attempted to purchase tickets between February and June 23, 2018.
Cybersecurity firm RiskIQ reported in August that the attack was not an isolated incident, as a hacking group called Magecart had targeted around 800 e-commerce sites.
The law firm’s MD Kingsley Hayes told reporters that they had gone legal after “unsuccessful negotiations” to try to agree an out of court settlement with Ticketmaster.
He added that the ticketing giant had “failed to action the breach until two months after it was alerted to the fact by digital bank Monzo. More than two thirds of our clients have suffered multiple fraudulent transactions since the serious data breach”, while the rest were still at risk of having their data used in fraudulent ways.
Hayes continued: “While the Ticketmaster data breach hit the headlines some time ago, the effect on victims is significant and ongoing. Stolen personal information, particularly in instances where a significant number of individuals are involved, is often used in batches, so some victims may be yet to experience any fraudulent activity, however, may still be at risk.
“Individuals who were alerted to the data breach by Ticketmaster can still join our action to claim compensation but must act to do so in the next few weeks.”
Image: DJANDYW.COM AKA NOBODY