Event ticketing company hacked, at least tens of thousands affected

Share this article:

After a server attack, tens of thousands of customers, who used the services of San Franciso-based online ticketing company Vendini, had their financial and other sensitive information exposed.

How many victims? The exact number is currently unknown but, according to reports, “tens of thousands” were impacted, including 22,900 individuals in Maine.

What type of personal information? Credit card numbers and expiration dates, names, phone numbers and physical and email addresses.

What happened? On March 29, intruders raided a server of Vendini, which provides box-office and online ticketing services for events throughout the United States and Canada. The hackers then were able to access a database containing customers' personal information.

What was the response? Vendini hired a forensic firm to investigate the incident. The company planned to send notification letters to victims.

Details: Vendini also notified Maine's attorney general about the breach, which it detected on April 25. Some states, including Maine, have laws that require breaches be reported to a central repository. On Tuesday, President and CEO Mark Tacchi posted a statement about the incident on Vendini's blog.

According to the statement, credit card security access codes, such as PIN numbers and card verification value (CVV and CVV2) numbers, were not accessed since Vendini does not collect that information.

Source: www.wcsh6.com, WCSH Channel 6, Data breach may affect 23,000 Mainers who bought tickets online,” May 22, 2013.

[An earlier version of this story incorrectly stated that Vendini was based in Boston. Vendini is headquartered in San Francisco and has corporate offices in Boston.]
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.