Two and a half years of undetected data leakage on the ticketing platform See Tickets

 Recently, See Tickets made headlines due to the exposure of the data leakage incident, and released notices in several states of the United States to disclose the violation information, but no official statement has been released.

See Tickets under French media giant Vivendi is one of the world's leading international ticketing service providers. It retails and distributes tickets for music, festivals, dramas, sports, comedies, exhibitions and other entertainment activities in the European and North American markets, and cooperates with more than 5000 customers worldwide.

According to the notice of personal and financial data exposure sent by See Tickets to customers, this data disclosure event has lasted more than two and a half years. An attacker may steal sensitive payment card data through the Skimmer script injected on the See Tickets website. Skimmer secret stealing script is a short JavaScript code injected into the website checkout page, mainly used to steal the buyer's payment card details. In the case of See Ticket, the credit card details of users who buy tickets for entertainment activities through their websites were stolen.

According to the data leakage notice released by the Attorney General's Office of Montana, the leakage was discovered in April 2021. See Tickets immediately began to cooperate with a forensics company to investigate the incident, and disclosed that the leak started on June 25, 2019.

评论

此博客中的热门博文

5 Free Open Source Backup Software for Linux