Ticketek

Summary

Ticketek became aware on May 31, 2024 of a cyber incident affecting Ticketek Australia account holder information stored in a cloud-based platform hosted by a global third-party supplier. The breach exposed data belonging to 17.6 million users, making it one of Australia's largest data breaches by affected individuals.

Attack Vector

The breach occurred through a cloud-based platform hosted by a reputable global third-party supplier. While Ticketek did not officially name the provider, security investigations suggest a possible link to a broader campaign targeting Snowflake cloud data warehousing platform users. The attack method involved unauthorized access to the third-party cloud infrastructure rather than direct compromise of Ticketek's systems.

Consumer Impact

Exposed data includes customer names, dates of birth, email addresses, genders, salutations, and hashed passwords for 17.6 million unique email addresses listed on Have I Been Pwned. The massive scale of the breach affects a significant portion of Australia's population who have purchased event tickets through Ticketek over many years.

Response

Ticketek notified the Australian Cyber Security Centre (ACSC), the Office of the Australian Information Commissioner (OAIC), and the National Office of Cyber Security. The company successfully sought and obtained an injunction to prevent any access, dissemination, or publication of the impacted data by third parties, demonstrating proactive legal action to protect customer information.

Legal Proceedings

[[extra.legal]] type = "Class Action" status = "Open" firm = "Multiple firms" url = "https://www.oaic.gov.au/privacy/privacy-complaints/representative-complaint-about-the-handling-of-personal-information-by-ticketek-pty-ltd"