NEWS16 November 2020
All MRS websites use cookies to help us improve our services. Any data collected is anonymised. If you continue using this site without accepting cookies you may experience some performance issues. Read about our cookies here.
All MRS websites use cookies to help us improve our services. Any data collected is anonymised. If you continue using this site without accepting cookies you may experience some performance issues. Read about our cookies here.
Insight & Strategy
Columnists
Impact magazine is a quarterly publication for MRS members. You can access Impact content on this website.
UK – The Information Commissioner’s Office (ICO) has fined events firm Ticketmaster UK £1.25m for failing to keep customers’ personal data secure.
The ICO found that Ticketmaster had breached the General Data Protection Regulation (GDPR) by failing to put appropriate security measures in place to prevent a cyber-attack on a chat bot on the online payment page of the company’s website in 2018.
The resulting data breach included names, payment card numbers, expiry dates and card verification value (CVV) number, and potentially affected 9.4 million customers, including 1.5 million people in the UK.
The breach led to frauds on 60,000 payment cards belonging to Barclays Bank customers. Monzo Bank also replaced 6,000 cards due to suspected fraudulent use.
The cyber-attack began in February 2018, but the fine issued related to the period between the introduction of the GDPR on 25th May 2018 and the removal of the chat bot on 23rd June 2018.
The issue was raised with Ticketmaster by several banks, said the ICO, but the company took nine weeks in total to identify the issue.
The ICO found that Ticketmaster had failed to properly assess the risks of using the chat bot on its payment page, and had not identified and implemented appropriate security measures to reduced those risks.
The company also failed to identify the source of the fraudulent activity in a timely manner, according to the ICO.
James Dipple-Johnstone, deputy commissioner of the ICO, said: “When customers handed over their personal details, they expected Ticketmaster to look after them. But they did not.
“Ticketmaster should have done more to reduce the risk of a cyber-attack. Its failure to do so meant that millions of people in the UK and Europe were exposed to potential fraud.”
A spokesperson for Ticketmaster said the company “takes fans’ data privacy and trust very seriously” and that the company planned to appeal the ICO’s ruling.
Newsletter
Sign up for the latest news and opinion.
You will be asked to create an account which also gives you free access to premium Impact content.
Crawford Hollingworth explains why defaults aren't always what they're made out to be in behavioural science:… https://t.co/ykPn2tQu6o
Research during the war in Ukraine showed the value of empathy https://t.co/Eqri5PTpPB #mrx #marketresearch
ESRC and AHRC partner on research commercialisation project https://t.co/5HJ64tHze0 #mrx #marketresearch
The world's leading job site for research and insight
Resources Group
Qualitative Research Manager – Cultural & Brand Insights (Global Insights)
up to circa £40,000 + Bens
Resources Group
Research Executive – Consumer – Technology led insights Group
£22,000–£26,000 + Benefits
Hasson Associates
Research Executive, Clientside role
£23000–32000
Featured company
Town/Country: London
Tel: +44 (0)20 7490 7888
Kudos Research are leading providers of premium quality UK and International Telephone Data-Collection. Specialising in hard to reach B2B and Consumer audiences, we achieve excellent response rates and provide robust, actionable, verbatim-rich data. Methodologies include CATI, . . .
Related Articles
Deserved rest after long walk in the rain https://t.co/xP8d6D8dHY
The post-demographic consumerism trend means segments such age are often outdated, from @trendwatching #TrendSemLON
0 Comments