Ticketmaster admits weekend hack with emails ‘from an unauthorised party’
TicketWeb, part of Ticketmaster, has admitted that emails sent at the weekend asking consumers to update their PDF application came from ‘an unauthorised party’.
Users who are sent marketing emails from Ticketmaster received an email on Saturday entitled “Action Required : Update Your PDF Application”.
The email asked users to click through to a fake website featuring Adobe’s trademarked logos, which aimed to get people downloading software.
Blogger David Cannings, who received the email, wrote: “Nothing conclusively shows that Ticketmaster have been hacked. It could be an affiliate of theirs, or a customer who has permission to send emails using the Ticketmaster service. What is clear is that it definitely came from Ticketmaster and uses their service.
“Four hours after this was first reported to Ticketmaster on Twitter the link still works and some spammers somewhere are still collecting the click-through cash.”
Yesterday, TicketWeb sent an email through its system, reading: “Dear TicketWeb Customer,
“We have discovered that our TicketWeb UK direct email marketing system was exposed to unauthorised access. As a result, you may have received up to four emails on Saturday, February the 11th, from an unauthorised party with the subject as “Action Required: Update Your PDF Application” and containing a link to update an Adobe Acrobat PDF application. Please do not click this link, but delete the email.
“We have taken immediate action to close the vulnerability. You can rest assured that none of your credit card information was vulnerable during this attack.
“We sincerely regret any inconvenience this has caused. We are continuing to investigate this unauthorised access, and will send you a follow-up email when we have additional information.”