At Keller Lenkner UK, we have issued a claim for damages against ticketing giant Ticketmaster following its 2018 data breach. This is the first high profile action to be launched on behalf of multiple claimants in the UK since GDPR came into force. Keller Lenkner UK is the only law firm actively litigating this case in the UK.
But, to date, Ticketmaster is refusing to accept any blame for the breach. Instead, Ticketmaster claims that all responsibility for the data breach rests with Inbenta – a software provider that supplied Ticketmaster with chatbot software. It is this software that was compromised in the data breach incident.
What actually happened in the Ticketmaster data breach?
Is Ticketmaster right?
Our data protection experts don’t think so. In fact, we strongly disagree with this defence and are currently collating evidence to prove that Ticketmaster was liable for the breach.
In addition, according to RiskIQ, Ticketmaster also used SocialPlus – another company allegedly compromised by Magecart. So, while Inbenta has been established as the entry point for the malicious attack on its systems, at least one other source containing the skimmer had access to Ticketmaster’s websites. This indicates a failure in security at Ticketmaster.
Indeed, where a third-party has been involved in a breach, this does not mean the company that collected your data is not to blame. It is their responsibility to put adequate checks and processes in place to secure vendor access. So, implicating Inbenta as the bad actor is legally neither here nor there.
In our expert opinion, having seen the evidence supplied by Inbenta, we are confident Ticketmaster is guilty of severe data protection failures, and that it will be made to compensate victims.
Ticketmaster data breach group action
At Keller Lenkner UK, we are registering people who are interested in making a compensation claim following the Ticketmaster data breach.
Our first group action is ready to be heard in the High Court. But, because of the number of people affected by the Ticketmaster security breach, we are now registering people who want to join a second wave of claimants. If you join this second group, we will progress your claim once our first group action has been decided in court.
Crucially, you do not need to have suffered any financial loss or emotional distress to make a claim. If you have suffered a privacy violation caused by Ticketmaster’s breach of the Data Protection Act, you have a right to claim compensation.