Ticket sales platform See Tickets report data breach, exposes payment data

See Tickets, a major player in the global ticket sales industry, reports a second data breach in a span of one year, raising concerns about the security of customer information.

The breach came to light when See Tickets noticed "unusual activity" on its e-commerce websites in May. In response, the company enlisted the services of an unidentified cybersecurity firm to investigate the issue. The investigation revealed that hackers had infiltrated the company's e-commerce checkout pages by inserting multiple instances of malicious code. This suggests the use of credit card skimming malware, which is designed to steal payment card details when customers submit their information during the checkout process.

As a result of this breach, the attackers gained access to a significant amount of sensitive customer data, including

• names,
• addresses,
• payment card information.
• credit or debit card numbers,
• security codes,
• access codes,
• passwords, or PIN numbers used for the cards.

The breach is estimated to have impacted more than 323,000 See Tickets customers who made purchases on the website between February 28 and July 2. Affected customers received notification letters from See Tickets, which indicated that the company had concluded its investigation on July 21. Despite the investigation's completion in July, See Tickets took over six weeks to notify affected customers of the breach, a delay that has raised concerns about the company's response time and customer data protection.

This incident marks the second data breach for See Tickets in recent months. In October 2022, the company revealed that hackers had accessed customers' payment card details after compromising event checkouts for over two years.