BLOG: Ticketmaster To Pay $10 Million Fine Over Hacking Scandal
The recent news surrounding Ticketmaster has caused some controversy. Ticketmaster has agreed to pay a $10 million fine after being charged with illegally accessing computer systems of a rival company on many occasions, between 2013 and 2015 in order to “cut the company off at the knees.” This fine was set in place to avoid prosecution under the US Computer Fraud And Abuse Act.
Ticketmaster used stolen information to gain an advantage over CrowdSurge by hiring a former employee to break into its tools and gain insight into the firm’s operations. The employees in question illegally and repeatedly accessed a competitor’s computers without authorisation using stolen passwords to unlawfully collect business intelligence as a “business tactic.”
These allegations were first made public knowledge by Variety in 2017 after CrowdSurge sued Live Nation for antitrust violations, accusing Ticketmaster of accessing confidential business plans, contracts, client lists, and credentials of CrowdSurge tools.
According to court documents released on December 30, after being hired by Live Nation in 2013, Stephen Mead, who was previously employed by CrowdSurge as a general manager of U.S. operations, shared with Zeeshan Zaidi, the former head of Ticketmaster’s artist services division, and another Ticketmaster employee the passwords to Artist Toolbox, an app that provided real-time data about tickets sold through the victim company.
Mead is accused of password theft and providing “internal and confidential financial documents” retained from his former employer, as well as URLs for draft ticketing web pages to learn which artists planned to use CrowdSurge to sell tickets and “dissuade” them from doing so.
Both Individuals behind this scheme, Mead, and Zaidi are no longer employed by Ticketmaster. Ticketmaster previously settled a lawsuit brought by Songkick in 2018 by agreeing to pay the company’s owners $110 million and acquire its remaining intellectual property not sold to WMG for an undisclosed amount.
It was alleged that Zaidi had encouraged Mead to use his knowledge of his former employee’s systems to hack into its servers to get confidential information about its products and in particular its work developing pre-sale and anti-touting ticketing services.
The company will also be required to make an annual report to the U.S. Attorney’s Office over the next three years to ensure compliance.
Adjacent to paying the fine, Ticketmaster has also allegedly agreed to introduce a “compliance and ethics programme designed to prevent and detect violations” of computer-hacking laws as well as to prohibit the “unauthorised and unlawful acquisition of confidential information belonging to competitors”.
We discuss this topic further in our blog post ‘You’re hired!’ The rise of corporate hack-for-hire groups unpacking the threat from hack-for-hire groups operating on behalf of corporate clients.
Get our latest cyber intelligence insights straight into your inbox every week
Fill out the short form below to subscribe to our newsletter so that you never miss out on
our cyber intelligence insights and news.
Privacy Overview
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Strictly Necessary Cookies
These cookies are strictly necessary to provide you with services available through our website and to use some of its features. These must be enabled at all times, so that we can save your preferences.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
If you do not enable Strictly Necessary Cookies, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
3rd Party Cookies
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Please enable Strictly Necessary Cookies first so that we can save your preferences!
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Orpheus is a leading cyber security company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. Our threat intelligence is used to create threat-led cyber risk ratings, providing a more accurate assessment of risk than just analysing an organisation’s attack surface. Products include; External attack surface management, risk-based vulnerability management, third-party supply chain risk management and cyber threat intelligence. Cyber security jobs and careers.
Request Demo Access
Fill out your details below and we'll be in touch to arrange demo access for you as soon as
possible.