Ticket buyers’ information at risk from cyberattack

  • Patrons of Northampton’s Academy of Music are among those whose personal information may have been compromised in a recent hacking attack on the ticket-selling website Ticketfly. GAZETTE FILE PHOTO

@mjtidwell781
Published: 6/5/2018 9:52:33 PM

NORTHAMPTON — Personal information including names, addresses, emails, and phone numbers may have been compromised in a cyberattack on a ticket-selling website used by local businesses such as the Northampton Academy of Music and the Parlor Room.

The Academy sent out a notice of the cyberattack to patrons on Monday, saying that the online ticket-selling company Ticketfly had hired third-party forensic and cybersecurity experts to investigate the incident where a hacker allegedly held the website for ransom before releasing users’ personal data.

However, the Academy’s email read, “the reality is cyber incidents are unique, and the investigations typically take more time than one would like because the full picture of what happened isn’t always quick to develop.”

Academy of Music Executive Director Debra J’Anthony said that Ticketfly was hit with the cyberattack last Wednesday, putting the Academy’s ticket sales down for two days. She said they were able to get back online in time to sell tickets for the weekend shows.

J’Anthony said that because Ticketfly uses a third party to process payments, no password or credit card information is believed to have been exposed.

“We don’t have all the information yet,” J’Anthony said.

The Parlor Room in Northampton and Gateway City Arts in Holyoke also use Ticketfly, and the Pines Theater at Look Park has used Ticketfly for event tickets in the past.

A website that tracks data breaches, haveibeenpwned.com, estimates that some 26 million users’ information was compromised in the Ticketfly attack.

According to a screenshot shared on Twitter, the Ticketfly homepage was replaced Wednesday night with a depiction of the character from the movie “V for Vendetta,” along with the message “Ticketfly HacKeD By IsHaKdZ. Your Security Down im Not Sorry.”

Vice News’ Motherboard, a technology news website, claimed to have had an email conversation last week with someone claiming to be the hacker and to have exploited a vulnerability in the Ticketfly website to take control of “all database” for Ticketfly and its website.

The alleged hacker told Motherboard they asked for 1 bitcoin (worth around $7,500 at the time) to share details about the vulnerability with the company, but after receiving no reply from Ticketfly, published the data on a public server.

Motherboard stated that it had procured CSV files allegedly posted by the hacker and said that it had verified the information of at least six people on the spreadsheet.

Ticketfly immediately shut down its website on Wednesday to investigate the breach. As of Tuesday, the main Ticketfly website was still down, though individual venues’ ticket websites were back up as of Sunday.

“In the meantime, we encourage you to keep checking in on your favorite venue/promoters’ websites, social media channels, or box offices,” a message on the site read. “Shows are on and tickets are available online and onsite.”

J’Anthony said the Academy will provide any new information about the incident as soon as it becomes available from Ticketfly.

“They and we understand the importance you place on the privacy and security of your data and we deeply regret any unauthorized access to it,” J’Anthony wrote in the notice to patrons. “They have assured us that they are taking this very seriously and are committed to providing updates as appropriate.”

Abbie Duquette, box office manager at the Parlor Room, said the Parlor Room’s website was down until Sunday and ticket sales for the venue only went back online Monday, though luckily the venue didn’t have any big shows that were affected by the downtime.

“I think they handled it well — super inconvenient to be down for a couple of days but it’s better to be safe than sorry,” Duquette said. “They made customers’ safety a priority.”

Rachel McCandlish, event manager for Gateway City Arts, said the venue’s Ticketfly website was down from Wednesday to Sunday also, but for one show during that time period, the venue relied on showgoers’ good faith assertions that they had previously bought tickets.

“We had a couple of calls from people who were confused that they couldn’t buy tickets,” McCandlish said. “But no one seemed upset.”

McCandlish said that as an extra security precaution, Ticketfly users and venues were asked to change their passwords.

A statement was posted on the Ticketfly website Tuesday regarding the attack.

“As many of you are aware, Ticketfly.com has been the target of a cyber incident. In consultation with leading third-party forensic and cybersecurity experts, we are in the process of bringing the Ticketfly ticketing system back online with the security of our clients and fans top of mind. We are grateful for the outpouring of support our community has shown us while we continue to work through this cyber incident, and appreciate your continued patience as we bring the systems back online.”

M.J. Tidwell can be reached at mjtidwell@gazettenet.com.


Daily Hampshire Gazette Office

115 Conz Street
Northampton, MA 01061
413-584-5000

 

Copyright © 2019 by H.S. Gere & Sons, Inc.
Terms & Conditions - Privacy Policy