28 June 2024: Update Regarding Ticketek Cyber Incident
By way of update, Ticketek has sought and been granted an injunction to prevent any access, dissemination, or publication of the impacted data by any third party. This is part of our commitment to our customers to take all reasonable steps in response to this incident and to protect our customers’ data.
To recap, as soon as Ticketek became aware of this incident, we began work to determine what information was impacted to enable us to swiftly communicate with our customers (by email and our website) to ensure individuals were provided with appropriate guidance and support.
We are aware some customers have recently been contacted by a third party regarding the impact to their information.
We continue to recommend our customers utilise the guidance provided on our website Statement Regarding Ticketek Cyber Incident – TEG. Ticketek confirms it has secure encryption methods in place for all passwords and no Ticketek customer accounts have been compromised.
We take the protection of our customers’ data very seriously and continue to work with law enforcement and the relevant agencies in response to the incident.
We thank our customers for their understanding and ongoing support. Our incident response team remains available to answer any questions.
+++
31 May 2024: Statement Regarding Ticketek Cyber Incident
Ticketek has become aware of a cyber incident impacting Ticketek Australia account holder information, which is stored in a cloud-based platform, hosted by a reputable, global third party supplier.
Ticketek has secure encryption methods in place for all passwords and no Ticketek customer account has been compromised. Additionally, Ticketek utilises secure encryption methods for online payments and uses a separate system to process online payments, which has not been impacted. Ticketek does not hold identity documents for its customers.
Since our third party supplier brought this to our attention, over the past few days we have worked diligently to put every resource into completing an investigation so that we can communicate with customers who may have been impacted, and other stakeholders, as quickly as possible.
The available evidence at this time indicates that, from a privacy perspective, customer names, dates of birth and email addresses may have been impacted.
Our priority at this initial stage is to best protect our customers, people and all others who have entrusted us with their information. As such, we have already commenced notifying those customers who may have been impacted. We apologise for any concern that this news may cause – we will provide further updates as more information becomes available.
We have also notified the Australian Cyber Security Centre (ACSC) and we are liaising with the Office of the Australian Information Commissioner (OAIC) and the National Office of Cyber Security in relation to the incident.
On a precautionary basis, we recommend that our customers remain vigilant for potential phishing emails and other scam communications, including from organisations purporting to be from Ticketek. We recommend that you review the cyber security guidance provided below.
We thank our customers for their understanding and support as we work through this.
We have a dedicated service team available to answer any questions on our 24-hour incident hotline 1800 907 587 (Australia) or +61 2 7254 8027 (International) or email us via cybersafe@ticketek.com.au.
CYBER SECURITY GUIDANCE
Phishing Emails
- Remain vigilant against the risk of phishing emails and scams.
- Do not share your personal information with anyone unless you are confident about who you are sharing it with.
- Scam calls can appear to come from legitimate local numbers, claiming to be from reputable organisations and creating urgency to obtain sensitive information or funds.
- Phishing emails can also appear to come from legitimate email addresses, with minor variations – so always carefully check the email sender address.
Website Guidance
- When on a webpage asking for your login credentials, take note of the web address or URL (‘Uniform Resource Locator’). The URL is located in the address bar of your web browser and typically starts with https://.
- If you are suspicious of the URL, do not provide your login details. Contact the entity through the usual channels to ensure you are logging into the correct web page. Please note that we will never contact you to ask for your username or password or your payment details.
Security
- Ensure you have up-to-date anti-virus software installed on any device you use to access your online accounts.
- Find out more on how to protect your accounts with secure passwords or passphrases : Password Checker.
General Advice
- Guidance for protecting yourself from scams here: Scamwatch.
- Tips on protecting your identity: OAIC Guidance.
- General resources on identity and cyber security support: Cyber Incident Guidance
Further Assistance
- We have a dedicated service team available to answer any questions on our 24-hour incident hotline 1800 907 587 (Australia) or +61 2 7254 8027 (International) or email us via cybersafe@ticketek.com.au