Home Legal News Customers Sue Ticketmaster Over Major Data Protection Breach

Customers Sue Ticketmaster Over Major Data Protection Breach

Ticketmaster is facing a £5 million claim following a major data breach of its UK websites last year.

More than 650 customers affected by the security breach are taking legal action against the ticket sales company.

Up to 40,000 UK Ticketmaster customers are believed to have had “some personal or payment information” stolen following the data security breach. Customer data potentially accessed included addresses, phone numbers, payment info and login details.

Those affected are said to be mainly in the UK and had bought tickets from the main Ticketmaster UK website or sister sites TicketWeb or Get Me In! between February and June last year.

The breach was first made public by Ticketmaster in June 2018, when it admitted its sites had been hacked by malicious software on third-party customer support product, Inbenta Technologies. The product was immediately disabled across the company’s websites and all customers who may have been affected were contacted.

However, it was later revealed the hack had been brought to Ticketmaster’s attention two months earlier by digital bank Monzo, on the 12th April.

The customers’ legal advisers have said more than two thirds of their clients have suffered multiple fraudulent transactions since the serious data breach, with the remainder still at risk of having their data used in fraudulent ways. They have also stated the litigation follows “unsuccessful negotiations” to agree an out of court settlement.

Investigations by the UK’s National Crime Agency and Information Commissioner’s Office (ICO) into the incident are ongoing.

The incident was notified of a month after the European Union’s General Data Protection Regulation went live. Ticketmaster said it was confident it had complied with the GDPR in how it had responded to the incident and notified affected individuals. This is despite Monzo revealing that the firm had initially denied there was any problem two months earlier.

The ICO is yet to decide whether the new data protection regulations should apply to the case given the breach had occurred before GDPR came into force, or if the case is to come under pre-existing data protection law.

Must Read

N244 Form (Where to Find & How to Complete!)

12 minute read Last updated: 13th August 2019 The N244 form is an application notice, used to apply for a court order in the...

Claiming Under the Sale of Goods Act (What You Should Do!)

5 minute read Last updated: 12 August 2019 Claiming under the Sale of Goods Act is the route a consumer should take if they...

Faulty Goods under Warranty (Your Consumer Rights!)

Where an item under warranty develops a fault, the path to remedying the situation may be as straightforward as claiming against your warranty but...

Nemo Dat Quod Non Habet

Nemo dat quod non habet, literally means "no one gives what he doesn't have". This is a legal rule, sometimes called the nemo dat...

Sale of Goods Act (Your Consumer Rights!)

The Sale of Goods Act 1979 states that all goods purchased or sold in the UK must be as described, of satisfactory quality and...