Ticketmaster Fined $10m

Ticketmaster operates a platform for consumers to buy tickets for events including music concerts and sporting events. 

A group of Ticketmaster executives created a hacking attack against a rival concert pre-sales firm, with the aim to take down its business and now Ticketmaster has agreed to pay a criminal fine of $10 million (£7.3m) after staff admitted to hacking into a rival firm's systems in order to "choke off" their presale ticket business. US prosecutors say the goal was to “steal back” key clients. 

Under the terms of the settlement, Ticketmaster will pay a criminal penalty of $10 million and will maintain a “compliance and ethics program designed to prevent and detect violations” of computer-hacking laws as well as to prevent the “unauthorised and unlawful acquisition of confidential information belonging to competitors.”  

The US Department of Justice (DoJ) said employees of Ticketmaster, a subsidiary of Live Nation Entertainment, "repeatedly" infiltrated the computers of a rival presale tickets seller. According to the US Eastern District Court of New York, a former employee of the victim firm, Crowdsurge which maintained a presence in both the UK and New York until 2017, left their post in 2012 to join Live Nation. 

Despite signing a confidentiality agreement before entering their new employment, this individual, instead, entered into a scheme designed to disrupt the competitor's business operations.  

The DoJ says that after joining Live Nation in 2013, the co-conspirator shared confidential information with Ticketmaster employees including the former head of the Artist Services division Ahmed Zeeshan Zaidi.  Ticketmaster's rival offered presale tickets before they were made available to the general public and created a password-protected app for artists to track their ticket sales, known as ToolboxesThe unnamed conspirator was promoted and given a raise the year following. Ticketmaster employees continued to lurk in Toolboxes and maintained a spreadsheet of all account URLs until the end of 2015.

One of the overall goals was to "steal back one of the victim company's signature clients," US prosecutors said, and if successful, this would "choke off" the Ticketmaster rival, "cutting them off at the knees."  

A senior executive of Live Nation asked Zaidi and others to prepare a presentation comparing Ticketmaster pre-sale to the rival's Toolboxes, and the team obliged, by once again using the stolen passwords, this time in public.  Employees involved in the scheme were fired. US prosecutors filed five criminal counts against Ticketmaster, including wire fraud and conspiring to commit computer intrusion. In a separate but related case, Zaidi pled guilty to conspiring to commit computer intrusions and wire fraud.  

Ticketmaster will pay a criminal penalty of $10 million and has agreed to submit to a three-year deferred prosecution agreement including the creation of a new compliance and ethics program. The ticket seller must also report to the United States Attorney's Office annually until the agreement expires.  

US Dept. of Justice:        Variety:     Threatpost:       ITPro:        ZDNet

You Might Also Read:

Flight Ticket Fraud Alert:

 

« WEBINAR: Build An Effective Cloud Threat Intelligence Program In The AWS Cloud
Cyber Security Training Drill »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Huawei

Huawei

Huawei is a leading global ICT solutions provider. with end-to-end capabilities across the carrier networks, enterprise, consumer, and cloud computing fields.

BSI Group

BSI Group

BSI is the business standards company that equips businesses with the necessary solutions to turn standards of best practice into habits of excellence

F-Secure

F-Secure

F-Secure defends enterprises and consumers against everything from opportunistic ransomware infections to advanced cyber attacks.

XenArmor

XenArmor

XenArmor products include NetCertScanner, an enterprise software to scan & manage expired SSL Certificates on your local network or internet.

SiteGuarding

SiteGuarding

SiteGuarding provide website security tools and services to protect your website against malware and hacker exploits.

Jumpsec

Jumpsec

Jumpsec provides penetration testing, security assessments, social engineering testing, cyber incident response, training and consultancy services.

PlainID

PlainID

PlainID provides IAM teams with a simple and intuitive means to control their organization’s entire authorization process.

Meiya Pico Information Co

Meiya Pico Information Co

Meiya Pico is the leading digital forensics and information security products and service provider in China.

Wipro

Wipro

Wipro Limited is a leading global information technology, consulting and business process services company.

Multitel

Multitel

Multitel is an independent research centre. We develop and integrate emerging technologies into the industrial fabric at the regional and international levels.

GMV

GMV

GMV is a technological business group offering solutions, services and products in diverse sectors including Intelligent Transportation Systems, Cybersecurity, Telecoms and IT.

HCC Embedded

HCC Embedded

HCC’s mission is to ensure that data stored or communicated by an embedded IoT application is secure, safe and reliable.

AEWIN Technologies

AEWIN Technologies

AEWIN is professional in the fields of Network Appliance, Cyber Security, Server, Edge Computing and an ODM/OEM expert.

GoVanguard

GoVanguard

GoVanguard is an boutique information security team delivering robust, business-focused information security solutions.

AirMDR

AirMDR

Designed by experts, AirMDR solutions cater to the unique demands of security operations centers.

Interlock

Interlock

Interlock are building blockchain-based security products that solve legacy web2 security issues - phishing and social engineering.