UPDATED 21:26 EDT / DECEMBER 30 2020

SECURITY

Ticketmaster agrees to pay $10M to settle hacking charges against rival service

Being a victim of hacking and hacking others as well is a rare combination, but U.S. ticket sales company Ticketmaster Entertainment Inc. has managed to do both.

Ticketmaster’s U.K. division was hacked in 2018 in one of the earliest recorded Magecart attacks, with names, addresses, email addresses, telephone numbers, payment details and Ticketmaster login details stolen. But now, the company has agreed to pay a $10 million fine to escape prosecution over criminal charges that accused the company of hacking the computer network of rival ticketing service Songkick, previously known as CrowdSurge.

The $10 million payment is on top of $110 million Ticketmaster paid to settle a civil lawsuit filed by Songkick in 2018.

In a tale that can only be described as sordid, Ticketmaster is alleged to have used employees to hack CrowdSurge/ Songkick to gain details of artists that had hired the startup to sell up to 10% of seats for its tours via fan clubs. Ticketmaster is said to have seen the offer as something that could cut into its profits.

The hacking effort was not a one-off but took place between 2012 and 2015, with details stolen shared at the board level at Ticketmaster.

“Ticketmaster employees repeatedly – and illegally – accessed a competitor’s computers without authorization using stolen passwords to unlawfully collect business intelligence,” Acting U.S. Attorney DuCharme said in a statement. “Further, Ticketmaster’s employees brazenly held a division-wide ‘summit’ at which the stolen passwords were used to access the victim company’s computers, as if that were an appropriate business tactic.  Today’s resolution demonstrates that any company that obtains a competitor’s confidential information for commercial advantage, without authority or permission, should expect to be held accountable in federal court.”

Along with the $10 million settlement payment, Ticketmaster is required to maintain a compliance and ethics program designed to prevent and detect violations of the Computer Fraud and Abuse Act and other applicable laws, and to prevent the unauthorized and unlawful acquisition of confidential information belonging to its competitors.

Ticketmaster is also bound to report to the U.S. Attorney’s General Office annually for the next three years to prove its compliance with the settlement. Should it not comply, the company will be subject to criminal prosecution.

Photo: yumiang/Flickr

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU