The Information Commissioner’s Office has fined Ticketmaster £1.25m after the site’s operators failed to spot a Magecart card skimmer infection until after 9 million customers’ details had been slurped by criminals.
The breach began in February 2018 and was not detected until April, when banks realised their customers’ cards were being abused by criminals immediately after they were used for legitimate purchases on Ticketmaster’s website.
Key to the criminals’ success was Ticketmaster’s decision to deploy a Javascript-powered chatbot on its website payment pages, giving criminals an easy way in by compromising the third party’s JS – something the ICO held against Ticketmaster in its decision to award the fine.
Ticketmaster ‘fessed up to world+dog in June that year, and the final damage has now been revealed by the Information Commi ..
Support the originator by clicking the read the rest link below.
