Ticketmaster’s UK division has been slapped with a $1.65 million fine by the Information Commissioner’s Office (ICO) in the UK, over its 2018 data breach that impacted 9.4 million customers.

The fine (£1.25million) has been levied after the ICO found that the company “failed to put appropriate security measures in place to prevent a cyber-attack on a chat-bot installed on its online payment page” – a failure which violates the E.U.’s General Data Protection Regulation (GDPR).

In June 2018, the ticket-selling giant said that it found malware within a customer chat function for its websites, hosted by Inbenta Technologies. Worryingly, the malicious code was found to be accessing an array of information, including name, address, email address, telephone number, payment details and Ticketmaster login details. It later came to light that the attack was the work of the Magecart gang, known for injecting payment skimmers into vulnerable website components.

#breach #government #hacks #malware #web security #$1.65 million #1.25 million #chatbot #data breach #europe #fine #gdpr #general data protection regulation #ico #magecart #ticketmaster uk