In an email to users, See Tickets said a threat actor could access certain event checkout pages on its website for over two years. This means they could access all the information users provide when buying tickets, including names, addresses, zip codes, credit/debit card numbers, card expiration dates, and CVV numbers. The company said it only “determined” that this breach may have exposed users’ sensitive information on September 12. See Tickets insists the breach did not expose users’ bank account information and other identification details.
Credit Card-Skimming Attack
While See Tickets did not shed light on how the threat actor hacked its systems, it appears to be a skimming or magecart attack. Hackers add malicious lines of code to a website’s checkout page, allowing them to access users’ payment information. See Tickets said it first noticed suspicious activity on its systems in April 2021 and employed a forensics firm to investigate the breach. The company finally shut down the stealth attack in January this year. Since then, See Tickets has worked with multiple forensics firms to investigate the incident alongside payment companies Visa, MasterCard, American Express, and Discover. See Tickets operates in several countries, including the US, UK, France, Spain, Belgium, and Portugal. The company has not provided information about the number of people affected. It is unclear if the incident affected users outside the United States. A law firm investigating the incident on behalf of victims said there are reportedly over 92,000 victims in Texas.
Keep an Eye Out for ‘Anything Suspicious’
In the aftermath of this incident, See Tickets said it has taken extra steps to protect its systems. “We have taken steps to deploy additional safeguards onto our systems, including by further strengthening our security monitoring, authentication, and coding,” the company explained. See Tickets cautioned the affected users to be on high alert and report any suspicious activity — like unauthorized transactions in their bank and credit card statements — to the respective authorities. The company also advised users to be on the lookout for potential phishing attacks, identity theft, and fraud. If you believe you’re a victim of this breach, our articles on phishing, identity theft, and dark web monitoring contain useful information on how to bolster your security and minimize the potential consequences of criminals gaining access to your data.