February 13, 2012 2:50 PM
Hackers spam Ticketweb users after email breach
In an email sent to its customer database the following day, the Ticketmaster subsidiary said that its email marketing system had been breached, resulting in customers receiving several identical phishing emails that invite users to click on malicious links.
“Please do not click this link, but delete the email," said Ticketweb in its customer service email.
Beyond the fact that the emails appear to come from Ticketweb, the emails should be easy to spot because they push bogus updates for the Adobe PDF Reader application that has no obvious connection to the company.
“We have taken immediate action to close the vulnerability. You can rest assured that none of your credit card information was vulnerable during this attack,” Ticketweb added.
“We sincerely regret any inconvenience this has caused. We are continuing to investigate this unauthorised access, and will send you a follow-up email when we have additional information.”
The number of email addresses hacked has not been confirmed, an important missing detail perhaps.
As embarrassing as the hack will be, it is probably a small event next to the worst marketing email hack recorded, the US Epsilon breach of March 2011. Epsilon’s hack was huge with as with as many as 50 different companies and millions of email addresses exposed.
A better comparison is probably that of UK hotel chain Travelodge, which in June 2011 admitted it had suffered a breach of its customer database. Disturbingly, the company only appeared to realise the issue when customers started complaining about receiving spam.