EXPERT REACTION: Ticketmaster customers caught up in cybersecurity incident

At this point, we do not know the full extent of the reported Ticketmaster breach. However, as with other recent data breaches it demonstrates that companies which collect large quantities of personal and financial information represents a prime target for cybercriminals. 

This breach highlights the urgent need for the Federal government to push forwards with reforms to the Privacy Act. These reforms would bring Australian laws in line with those in other jurisdictions, such as the European Union and California, and impose heightened security requirements on companies gathering large amounts of personal data. These reforms would also limit the ability of data brokers such as Ticketmaster to sell on personal data to third parties without obtaining consent from customers first.

The Australian Competition and Consumer Commission (ACCC) has recently released an Interim Report as part of the Digital Platform Services Inquiry which, amongst other things, highlights the potential risks of consumer harm from data breaches. When these breaches occur, consumers have limited means to seek restitution for any financial harm or emotional distress. Therefore, this breach highlights the need for regulatory agencies such as the ACCC and the Australian Information Commissioner to investigate companies that do not appropriately secure personal information.

Significant data breaches are becoming all too common. The current legislative approach is clearly not working, as organisations are still not putting sufficient effort into cyber risk management.

There are over 5 million Australian and New Zealand Ticketmaster account holders, they will be concerned about any loss of personal information, including names, addresses, passwords, credit card numbers, etc. and where this may end up on the dark web.

It is troubling that Ticketmaster has not made any public statements regarding this data breach. Organisations need to be more proactive in their communications and inform the public what has happened and how they are remediating the situation.

Consumers need to remain hyper-vigilant in the online world and be on the lookout for unusual emails, SMS or phone calls. They should also look for any suspicious credit card transactions.

There is an ongoing cyber incident impacting Ticketmaster customers in response to claims it is part of a data leak expected to impact hundreds of millions of customers globally. The data that has been hacked is referred to as Personally identifiable information (PII), this is sensitive data that is used to confirm an individual's identity.

The hacking group behind the attack has now demanded a ransom be paid in order to not release the data that they have stolen. In terms of paying a ransom, the advice is always never to pay a ransom.

The reason for this is that paying a ransom increases the chances of future attacks. The other concern is that the attackers may not release the data once the payment has been paid. The attackers may release some of the data and demand additional payments, or they may just sell the data on the darknet anyway.

Once the data has been stolen from the organisation there is nothing that the organisation can do to protect the data. If the organisation had encrypted the data, then if the data had been stolen, it would have been unusable by the hacker.

The Ticketmaster attack highlights our new cyber normal. If steps are not undertaken by organisations to improve their cyber security then the situation will be repeated time after time.

For individuals in Australia that are impacted by the cyber incident, if people feel they have been impacted by a scam they can report it to Scamwatch, and if people are concerned they may have fallen victim to identity theft they can contact IDCARE.