Ticketmaster Fined $10m

Uploaded on 2021-01-11 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Law

Ticketmaster operates a platform for consumers to buy tickets for events including music concerts and sporting events. 

A group of Ticketmaster executives created a hacking attack against a rival concert pre-sales firm, with the aim to take down its business and now Ticketmaster has agreed to pay a criminal fine of $10 million (£7.3m) after staff admitted to hacking into a rival firm's systems in order to "choke off" their presale ticket business. US prosecutors say the goal was to “steal back” key clients. 

Under the terms of the settlement, Ticketmaster will pay a criminal penalty of $10 million and will maintain a “compliance and ethics program designed to prevent and detect violations” of computer-hacking laws as well as to prevent the “unauthorised and unlawful acquisition of confidential information belonging to competitors.”  

The US Department of Justice (DoJ) said employees of Ticketmaster, a subsidiary of Live Nation Entertainment, "repeatedly" infiltrated the computers of a rival presale tickets seller. According to the US Eastern District Court of New York, a former employee of the victim firm, Crowdsurge which maintained a presence in both the UK and New York until 2017, left their post in 2012 to join Live Nation. 

Despite signing a confidentiality agreement before entering their new employment, this individual, instead, entered into a scheme designed to disrupt the competitor's business operations.  

The DoJ says that after joining Live Nation in 2013, the co-conspirator shared confidential information with Ticketmaster employees including the former head of the Artist Services division Ahmed Zeeshan Zaidi.  Ticketmaster's rival offered presale tickets before they were made available to the general public and created a password-protected app for artists to track their ticket sales, known as ToolboxesThe unnamed conspirator was promoted and given a raise the year following. Ticketmaster employees continued to lurk in Toolboxes and maintained a spreadsheet of all account URLs until the end of 2015.

One of the overall goals was to "steal back one of the victim company's signature clients," US prosecutors said, and if successful, this would "choke off" the Ticketmaster rival, "cutting them off at the knees."  

A senior executive of Live Nation asked Zaidi and others to prepare a presentation comparing Ticketmaster pre-sale to the rival's Toolboxes, and the team obliged, by once again using the stolen passwords, this time in public.  Employees involved in the scheme were fired. US prosecutors filed five criminal counts against Ticketmaster, including wire fraud and conspiring to commit computer intrusion. In a separate but related case, Zaidi pled guilty to conspiring to commit computer intrusions and wire fraud.  

Ticketmaster will pay a criminal penalty of $10 million and has agreed to submit to a three-year deferred prosecution agreement including the creation of a new compliance and ethics program. The ticket seller must also report to the United States Attorney's Office annually until the agreement expires.  

US Dept. of Justice:        Variety:     Threatpost:       ITPro:        ZDNet

You Might Also Read:

Flight Ticket Fraud Alert:

 

« WEBINAR: Build An Effective Cloud Threat Intelligence Program In The AWS Cloud
Cyber Security Training Drill »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Wisegate

Wisegate

Wisegate is a community of IT experts providing advisory services on all areas of IT including security.

Verlingue

Verlingue

Verlingue (formerly ICB Group) is a leading corporate insurance broker providing Insurance, Risk Management and related advice to businesses and private clients.

Silicon:SAFE

Silicon:SAFE

Silicon:SAFE develops impenetrable hardware solutions that prevent bulk data theft during a cyber-attack.

Terranova Security

Terranova Security

Terranova is dedicated to providing information security awareness programs customized to your internal policies and procedures.

Awen Collective

Awen Collective

Awen Collective develops software-based tools for performing Digital Forensics, Incident Response and Cyber-Crime Investigation.

iFluids Engineering

iFluids Engineering

iFluids Engineering is a leading engineering consulting and risk management firm providing a full range of services including Cyber Security for Industrial Control Systems.

BioConnect

BioConnect

BioConnect provide biometric access control solutions to verify a person’s identity across physical, IOT and digital applications.

HackControl

HackControl

HackControl services include penetration tests, security audits, block chain audits and brand and anti-phishing protection.

PixelPlex

PixelPlex

PixelPlex is a blockchain and custom software development company with offices and developers in New York, Geneva, and Seoul.

United Network Technologies

United Network Technologies

United Network Technologies is a leading Managed Services Provider, distributor and developer of specialised cyber security components and technologies.

Wizard Cyber

Wizard Cyber

At Wizard Cyber, we simplify cyber security, delivering an advanced service that protects your high-risk assets from the complex threats that technology alone can miss, 24/7.

Clearnetwork

Clearnetwork

Clearnetwork specializes in managed cybersecurity solutions that enable both public and private organizations improve their security posture affordably.

AdronH

AdronH

AdronH is a company of Cyber Security consultants. We support companies and public institutions with their digital transformation to new and secure business platforms.

CloudWave

CloudWave

CloudWave, the expert in healthcare data security, provides cloud, cybersecurity, and managed services to healthcare organizations.

Hetz Ventures

Hetz Ventures

Hetz Ventures is a global-facing VC investing in highly talented and ambitious Israeli founders who operate at the cutting edge of deep technology.

Reaktr.ai

Reaktr.ai

Reaktr.ai is founded on the vision of using AI as a catalyst to propel industries into a future where we redefine what's possible. Fortify your cybersecurity defense with our AI-powered platform.