Another victim comes forward in massive ticketing software company breach

Share this article:

Hackers accessed the credit card information of tens of thousands customers of the University of Michigan's Union Ticket Office, the latest organization that has fallen victim to a breach affecting a third-party vendor.

How many victims? More than 33,000.

What type of personal information? Names, street addresses, email addresses, phone numbers, credit card numbers and expiration dates.

What happened? The database supplied by third-party ticketing solution provider Vendini was compromised by hackers who may have stolen the personal information of any U of M customer in the last two years.

What was the response? University officials have contacted all individuals affected by the breach.

Details: How the hackers were able to compromise the Vendini systems is currently unknown. According to a statement released by the company, the stolen information does not include credit card security access codes, account user names or passwords.

Other entities may also have been affected.

Quote: “It's not a U of M security breach, and it involves many other ticketing outlets across the United States and Canada,” Rick Fitzgerald, spokesman for the University of Michigan, said.

Source: www.cbslocal.com, CBS Local Detroit, “UM Warns Ticket Buyers of Security Breach,” June 13, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

Transcript website flaw exposed personal data on 98k users

NeedMyTranscripts.com expose users' names, addresses and dates of birth, among other information, due to a site flaw that one user discovered.

Sourcebooks payment card breach impacts more than 5,000 customers

More than 5,000 customers had personal information stolen, but roughly 9,000 notification letters were sent out as a precautionary measure.

Cyberswim notifies customers that payment card data may be at risk

Malicious software installed on Sept. 24 may have compromised personal information for visitors that made purchases between May 12 and Aug. 28.