Ticketmaster Breach May Be Part of Much Larger Scam

July 10, 2018, Written By John H. Oldshue
Ticketmaster Breach May Be Part of Much Larger Scam

In June, Ticketmaster announced a breach that affected 5% of their customers. The company said the breach did not occur on their servers but through Inbenta, which provides AI-powered live chat widgets to the ticket retailer.

However, today, RiskIQ released a report indicating the breach may have been much larger than initially reported. The company, which specializes in digital threat management, said the breach may be part of a much larger attack by a threat group called Magecart. In fact, the breach could affect over 800 e-commerce sites worldwide, according to RiskIQ.

Magecart is a group that digitally skims credit card information from online transactions. They target developers that provide software to larger retailers, such as the chat widget that Ticketmaster uses from Inbenta. The criminals are able to rewrite the software code so payment card details are sent to them instead of the retailer.

Inbenta chief executive Jordi Torras confirmed this is exactly what happened in this breach in a statement published on the company’s website.

“Upon further investigation by both parties, it has been confirmed that the source of the data breach was a single piece of JavaScript code, that was customized by Inbenta to meet Ticketmaster’s particular requirements. This code is not part of any of Inbenta’s products or present in any of our other implementations.

“Ticketmaster directly applied the script to its payments page, without notifying our team. Had we known that the customized script was being used this way, we would have advised against it, as it incurs greater risk for vulnerability. The attacker(s) located, modified, and used this script to extract the payment information of Ticketmaster customers processed between February and June 2018.”

RiskIQ stated the breach affected more Ticketmaster users than initially suspected. While initially believed to be limited to the U.K., RiskIQ said Ticketmaster shoppers in the United States, New Zealand, and several other companies could be at risk.

The information contained within this article was accurate as of July 10, 2018. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.

About John H. Oldshue

John Oldshue is the creator of LowCards.com. He worked for over 15 years in television and won an Emmy award for his reporting. He covers credit card rate issues for LowCards.com.
View all posts by John H. Oldshue