The UK branch of the ticketing firm Ticketmaster has warned its online customers that they might have received a series of unauthorised emails after its TicketWeb subsidiary’s mailing list system was compromised.
It appears that the first Ticketmaster knew of the security breach was when a customer informed them via Twitter on Saturday.[tweet https://twitter.com/Ticketmaster/status/168405976280596480]
Blogger David Cannings, shared more information about the unauthorised TicketWeb emails, which he discovered pointed to a bogus Adobe Reader download page.
The emails reportedly claimed that the recipient’s version of Adobe Reader was out of date and offered a link where a new version could be downloaded. Hardly the kind of email you would normally expect from Ticketmaster..
As regular readers of Naked Security should know well by now, the only place you should ever download an update to Adobe Reader (or indeed Adobe Flash) from is Adobe’s own website.
A spokesperson for the ticketing firm was keen to reassure customers that “no sensitive personal information or credit card information was vulnerable directly from the TicketWeb UK direct email marketing system during this incident.”
Of course, there are two problems here. As well as customers needing to be warned about the unauthorised emails sent via TicketWeb’s mailing list, Ticketmaster also needs to ensure that its various mailing lists can not be hacked again.
After all, customers will unsubscribe pretty quickly and take their business elsewhere if they find the email address that they have given Ticketweb, or or its parent firm Ticketmaster, is being used by spammers.
If a mailing list is compromised it can be a very effective way for fraudsters and cybercriminals to communicate maliciously with a firm’s customers, with the advantage of bearing all the hallmarks and headers of a legitimate email from a company they trust.