Ticketing providers company See Tickets has notified greater than 300,000 people that their cost card knowledge was stolen in a brand new internet skimmer assault.
Owned by Vivendi SA, See Tickets supplies ticketing providers for a broad vary of occasion varieties, together with comedy, competition, life-style, and sport, and operates each regional and worldwide web sites in North America and Europe.
In a data breach notification letter despatched to the affected people, a duplicate of which was submitted to the Maine Legal professional Basic’s Workplace, See Tickets says the brand new assault was recognized in Could 2023 and utterly shut down in July.
“In Could 2023, See Tickets turned conscious of surprising exercise on sure of its e-commerce web sites,” the company notes within the notification letter.
A forensics agency retained to research the hacker assault found that, in Could and June 2023, an unauthorized third-party “inserted a number of situations of malicious code into numerous [See Tickets’] e-commerce checkout pages”, See Tickets explains.
Between February 28 and July 2, the malicious code – which is usually known as an online skimmer – collected and exfiltrated the knowledge that customers supplied on these checkout pages, together with their names, addresses, and cost card info.
The ticketing providers company additionally notes that it has no proof to counsel that the stolen private info was fraudulently used. Nonetheless, such knowledge is usually shared between cybercriminals and used to carry out varied kinds of fraud.
See Tickets claims to have applied extra safeguards to guard cost card info on its internet pages, however that is the second time previously 12 months that it warns customers of an online skimmer on its web sites.
Disclosed in October 2022 and impacting names, addresses, and cost card knowledge, the primary skimmer assault was recognized in April 2021 however solely shut down in January 2022.
