Ticketmaster Fined $10m

Uploaded on 2021-01-11 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Law

Ticketmaster operates a platform for consumers to buy tickets for events including music concerts and sporting events. 

A group of Ticketmaster executives created a hacking attack against a rival concert pre-sales firm, with the aim to take down its business and now Ticketmaster has agreed to pay a criminal fine of $10 million (£7.3m) after staff admitted to hacking into a rival firm's systems in order to "choke off" their presale ticket business. US prosecutors say the goal was to “steal back” key clients. 

Under the terms of the settlement, Ticketmaster will pay a criminal penalty of $10 million and will maintain a “compliance and ethics program designed to prevent and detect violations” of computer-hacking laws as well as to prevent the “unauthorised and unlawful acquisition of confidential information belonging to competitors.”  

The US Department of Justice (DoJ) said employees of Ticketmaster, a subsidiary of Live Nation Entertainment, "repeatedly" infiltrated the computers of a rival presale tickets seller. According to the US Eastern District Court of New York, a former employee of the victim firm, Crowdsurge which maintained a presence in both the UK and New York until 2017, left their post in 2012 to join Live Nation. 

Despite signing a confidentiality agreement before entering their new employment, this individual, instead, entered into a scheme designed to disrupt the competitor's business operations.  

The DoJ says that after joining Live Nation in 2013, the co-conspirator shared confidential information with Ticketmaster employees including the former head of the Artist Services division Ahmed Zeeshan Zaidi.  Ticketmaster's rival offered presale tickets before they were made available to the general public and created a password-protected app for artists to track their ticket sales, known as ToolboxesThe unnamed conspirator was promoted and given a raise the year following. Ticketmaster employees continued to lurk in Toolboxes and maintained a spreadsheet of all account URLs until the end of 2015.

One of the overall goals was to "steal back one of the victim company's signature clients," US prosecutors said, and if successful, this would "choke off" the Ticketmaster rival, "cutting them off at the knees."  

A senior executive of Live Nation asked Zaidi and others to prepare a presentation comparing Ticketmaster pre-sale to the rival's Toolboxes, and the team obliged, by once again using the stolen passwords, this time in public.  Employees involved in the scheme were fired. US prosecutors filed five criminal counts against Ticketmaster, including wire fraud and conspiring to commit computer intrusion. In a separate but related case, Zaidi pled guilty to conspiring to commit computer intrusions and wire fraud.  

Ticketmaster will pay a criminal penalty of $10 million and has agreed to submit to a three-year deferred prosecution agreement including the creation of a new compliance and ethics program. The ticket seller must also report to the United States Attorney's Office annually until the agreement expires.  

US Dept. of Justice:        Variety:     Threatpost:       ITPro:        ZDNet

You Might Also Read:

Flight Ticket Fraud Alert:

 

« WEBINAR: Build An Effective Cloud Threat Intelligence Program In The AWS Cloud
Cyber Security Training Drill »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Chertoff Group

Chertoff Group

The Chertoff Group provide security advice and risk management services covering cyber security, insider threat, physical security and asset protection.

Mexis

Mexis

Cyber Security Challenge UK

Cyber Security Challenge UK

Cyber Security Challenge UK is a series of national competitions, learning programmes, and networking initiatives designed to identify, inspire and enable more people to become cybersec professionals.

Excellium Services

Excellium Services

Excellium’s Professional Services team combines expertise and experience that complements your in-house security resources.

Blockchain R&D Hub

Blockchain R&D Hub

Blockchain R&D Hub's mission is to serve the needs of blockchain ecosystem as the center of excellence for technology research and development.

New Enterprise Associates (NEA)

New Enterprise Associates (NEA)

As one of the world’s largest and most active venture capital firms, NEA has developed deep domain expertise and insight into our industries of focus - technology and healthcare.

Liberty Mutual

Liberty Mutual

Liberty Specialty Markets offers specialty and commercial insurance and reinsurance products, including Cyber, across the USA, Europe, Middle East and other international locations.

Polaris Infosec

Polaris Infosec

Polaris Web Presence Protection (WPP) is powered by our proprietary artificial intelligence and machine learning engine to ensure that attacks are stopped before they affect your business.

Immuta

Immuta

Immuta empowers data engineering and operations teams to automate data governance, security, access control & privacy protection.

Datenschutz Schmidt

Datenschutz Schmidt

Datenschutz Schmidt is a service provider with many years of experience, we support you in complying with numerous data protection guidelines, requirements and laws.

Sekuro

Sekuro

Sekuro is your leading governance and cyber security partner. Building organisational resilience. Enabling fearless innovation.

Trisul Network Analytics

Trisul Network Analytics

Trisul helps organizations deploy full spectrum deep network monitoring which can serve as a single source of truth for performance monitoring, security analytics, threat detection and compliance.

Appurity

Appurity

Appurity specialises in mobile and application security, delivering comprehensive solutions across all verticals.

Illustria

Illustria

Illustria is your agent-less “watchdog” for all open source libraries. Our mission is becoming a dev-velocity company, enabled via cyber security.

Barrier Networks

Barrier Networks

Barrier Networks are a Cyber Security Managed Service Provider that specialises in Network and Application security.

Centum Digital

Centum Digital

Centum Digital provide services, products and solutions specialized in communications engineering, control and signal intelligence.