Advertisement

Ticketfly hacked: What to know about the online ticketing service’s data breach

Laptop and mobile phone.
Laptop and mobile phone. File Photo / Getty Images

Concert ticket retailer Ticketfly has been offline since last week after a data breach leaked customer’s personal information and disrupted live music at venues across North America.

Ticketfly, which is owned by Eventbrite, took down the site and posted a message saying that the company had been “the target of a cyber incident.” Ticketfly sells tickets for many major venues in Canada and the United States.

READ MORE: Health, credit card data left unsecured at Ontario-based fitness app PumpUp

The website was still down as of Monday morning and there is currently no timeframe for when the company’s ticketing systems will be back online.

What happened?

On May 31, Ticketfly was defaced by an attacker and was subsequently taken offline, Vice’s Motherboard reported. The attacker allegedly requested a ransom to share details of the vulnerability with Ticketfly but did not receive a reply and subsequently posted the breached data online to a publicly accessible location, Motherboard reported.

Story continues below advertisement

How many accounts were breached?

Ticketfly did not say how many customer accounts were breached.

However, the data-breach-tracking website haveibeenpwned.com, said more than 26 million accounts were affected.

What information was hacked?

Ticketfly said that some customers’ names, addresses, email addresses and phone numbers had been exposed. Passwords and credit-card numbers were apparently not affected.

.According to Motherboard, the hacker has several spreadsheet files that appear to contain personal information about thousands of Ticketfly customers and employees of venues that use the service.

“We understand the importance you place on the privacy and security of your data and we deeply regret any unauthorized access to it. We assure you we are taking this very seriously and are committed to providing updates as appropriate,” Ticketfly said in a statement.

WATCH: Should companies be penalized for data breaches?

Should companies be penalized for data breaches?
Should companies be penalized for data breaches?

How were venues affected?

Venues across Canada and the U.S. that partner with Ticketfly have taken to social media telling people to bring a photo ID and a printed copy of a ticket due to the data hack.

Story continues below advertisement

How to access tickets if you already purchased one

Any previously purchased tickets are still valid, according to Tickeyfly.

READ MORE: Companies will now have to tell Canadian consumers when their privacy is breached — and do it quickly

You should reset your password and then you will have access to all of your previously purchased tickets. You can login to your Ticketfly account, here.

What is Tickefly doing about the hack?

“We’ve engaged leading third-party forensic and cybersecurity experts to investigate and help us address the issue, and have done this with your security top of mind,” Ticketfly said in a statement.

“More specifically, box office, ticket purchasing, and scanning capabilities are now being made available again. As things come back online we expect there will be some technical issues with certain functionality typical to bringing these types of operations back online.”