Ticketmaster fined $10 million for hacking into rival’s systems

A former Crowdsurge employee provided Ticketmaster execs with credentials to access an internal password-protected system

Ticketmaster has been fined $10 million (£7.3 million) after senior staff used stolen credentials to illegally access an industry rival’s password-protected platform as part of a scheme to “choke off” the competition.

The fine has been levied by the US Department of Justice following years of legal proceedings, with Ticketmaster having been charged with several counts of computer intrusion and fraud with regards to breaching the systems of its competitor, Crowdsurge.

These charges centre on an anticompetitive scheme Ticketmaster devised after an ex-Crowdsurge employee, who moved to the firm in 2013, emailed executives URLs as well as multiple sets of usernames and passwords to access an internal tool. The intrusion, which lasted until 2015, informed a conscious strategy to “cut [Crowdsurge] off at the knees”.

“Ticketmaster employees repeatedly – and illegally – accessed a competitor’s computers without authorization using stolen passwords to unlawfully collect business intelligence,” said acting US attorney Seth DuCharme.  

“Further, Ticketmaster’s employees brazenly held a division-wide ‘summit’ at which the stolen passwords were used to access the victim company’s computers, as if that were an appropriate business tactic. Today’s resolution demonstrates that any company that obtains a competitor’s confidential information for commercial advantage, without authority or permission, should expect to be held accountable in federal court.”

While Ticketmaster sells and distributes tickets for events and concerts, Crowdsurge offers artists the ability to sell presale tickets in advance of general sales. The Artist Toolbox, which Ticketmaster illegally infiltrated, is an app that provides real-time data about tickets sold through the company.

The employee, known as coconspirator-1, emailed the former head of Ticketmaster’s Artist Services division, Zeeshan Zaidi, as well as a second executive, multiple account credentials for Toolboxes. Coconspirator-1 encouraged them to “screen-grab the hell out of the system”, with this information subsequently used to prepare a presentation for other executives intended to ‘benchmark’ Ticketmaster’s offerings against Crowdsurge’s

As part of a presentation company summit in May 2014, coconspirator-1 used multiple usernames and passwords he had retained from his employment to log-into Toolbox. He also provided executives with confidential financial documents. 

This led to a promotion and pay rise, with the former Crowdsurge employee then emailing a colleague to say “now we can really start to bring down the hammer” on the victim company. Ticketmaster employees continued to access the password-protected platform until December 2015, according to the US Department of Justice.

It’s illegal for employees to take certain information with them when they move from one workplace to another, and in the UK constitutes a violation of the Computer Misuse Act (CMA). Various historic studies have illustrated how much of a threat this practice is to businesses, with one study in 2016 suggesting a third of ex-workers break the CMA in this way.

“Ticketmaster terminated both Zaidi and Mead in 2017," a spokesperson told IT Pro, "after their conduct came to light. Their actions violated our corporate policies and were inconsistent with our values. We are pleased that this matter is now resolved.”

Featured Resources

Consumer choice and the payment experience

A software provider's guide to getting, growing, and keeping customers

Download now

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Download now

Business in the new economy landscape

How we coped with 2020 and looking ahead to a brighter 2021

Download now

How to increase cyber resilience within your organisation

Cyber resilience for dummies

Download now

Recommended

ProtectedBy.AI’s CodeLock blocks malware at source code level
software as a service (SaaS)

ProtectedBy.AI’s CodeLock blocks malware at source code level

9 Jun 2021
Nigerian cyber criminals target Texas unemployment system
cyber security

Nigerian cyber criminals target Texas unemployment system

27 May 2021
CISOs aren’t leading by example when it comes to cyber security
cyber security

CISOs aren’t leading by example when it comes to cyber security

24 May 2021
Hackers use open source Microsoft dev platform to deliver trojans
Security

Hackers use open source Microsoft dev platform to deliver trojans

14 May 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

16 Jun 2021
What is HTTP error 400 and how do you fix it?
Network & Internet

What is HTTP error 400 and how do you fix it?

16 Jun 2021
EU plans to launch bloc-wide cyber task force
cyber attacks

EU plans to launch bloc-wide cyber task force

22 Jun 2021