The data breach affects customers who bought tickets to events in Canada, the U.S. and Mexico
Ticketmaster said personal information of some customers may have been stolen in a “data security incident” involving events in North America.
In a notice in the support section of its website, the ticket-selling company said it had discovered unauthorized activity on an isolated cloud database hosted by a third-party data services provider.
The database contained personal information of customers who bought tickets to events in the U.S., Canada and Mexico.
“This may include email, phone number, encrypted credit card information as well as some other personal information provided to us,” it said.
Ticketmaster said it had reported the incident to the authorities, including law enforcement, credit card companies and banks.
It is notifying affected customers by email or mail and will offer them a free 12-month identity monitoring service.
The notice did not specify when the breaches occurred. Ticketmaster said there has been no other suspicious activity detected since it began its investigation.
Last month Live Nation, Ticketmaster’s parent company, said it was investigating a data breach at Ticketmaster.
In a May 27 regulatory filing, the Calif.-based company said “a criminal threat actor” had offered to sell Ticketmaster data on the dark web.
Other media reports say a hacking group named ShinyHunters claimed responsibility for the breach in an online forum and was seeking US$500,000 for the data, which reportedly includes names, addresses, phone numbers and some credit card details of millions of Ticketmaster customers.
At the time, Live Nation said the breach was unlikely to have “a material impact on our overall business operations.”
With files from Associated Press