Ticketmaster fined £1.25m over payment data breach
Publishedduration1 day agoimage copyrightTicketmaster
Ticketmaster UK has been fined £1.25m for failing to keep its customers' personal data secure.
The fine was issued by the Information Commissioner's Office (ICO) following a cyber-attack on the Ticketmaster website in 2018.
The ICO said personal information and payment details had potentially been stolen from more than nine million customers in Europe.
Ticketmaster said it would appeal against the ruling.
An investigation found a vulnerability in a third-party chatbot built by Inbenta Technologies, which Ticketmaster had installed on its online payments page.
A cyber-attacker was able to use the chatbot to access customer payment details.
Following the breach, 60,000 Barclays bank customers were victims of fraud. Online bank Monzo had to replace 6,000 payment cards due to fraud.
The ICO said Monzo, the Commonwealth Bank of Australia, Barclaycard, Mastercard and American Express had all warned Ticketmaster of suspected fraud.
But Ticketmaster took nine weeks to start monitoring activity on its payments page, according to the ICO.