One of the world’s biggest ticket websites suffered a multi-year data breach

by DTM | Posted on

International ticketing services company See Tickets has been leaking sensitive payment data to cybercriminals for years.

The company, one of the biggest ticket sellers in the world, confirmed the news in a data breach notification shared with the Montana Attorney General’s office, in which it was said that unknown threat actors managed to set up a skimmer on its website on June 25, 2019.

From that date on, the crooks were silently gathering an entire treasure trove of personally identifiable data, including full customer names, postal addresses, credit card numbers, expiration dates, and CVV numbers. Social Security numbers, state identification numbers, and bank account information, were allegedly not affected, as they weren’t stored in See Tickets’ systems, the company said.

Two and a half years of leaks

The company discovered the cyberattack in April 2021 before hiring a forensics firm, as well as partners from Visa, MasterCard, American Express, and Discover, to investigate the matter. 

However it was not until more than half a year later, in January 2022, the skimmer was removed, meaning that all in all, sensitive customer data was exposed to hackers for more than two and a half years. 

We don’t know the exact number of people affected by the attack, or if the skimmer was only installed on the global site or any of See Tickets’ other domains. 

Read more

> This Magecart skimmer has been redesigned for mobile

> Retailers using WooCommerce are the next target for Magecart card skimmer attacks

> Check out the best endpoint protection services right now

What we do know is that the company did not offer the free identity theft protection services that companies usually offer their customers, when found in this type of situation. Instead, customers are left to their own devices. See Tickets warned them to be extra careful when receiving emails and SMS messages claiming to have something to do with the company and to monitor their credit card transactions for any suspicious activity. 

A skimmer is a JavaScript code that cybercriminals inject on the order checkout page, which steals the payment data people type in. 

See Tickets has had more than 9 million visitors in September 2022, according to data from SimilarWeb.

Via: BleepingComputer