Ticketmaster Class Action Lawsuit: Negligence in Major Data Breach
Class Action Lawsuit Against Ticketmaster: Allegations of Negligence in Data Breach.
A class action lawsuit has been filed against Ticketmaster and its parent company, Live Nation Entertainment, alleging negligence in managing customer data. The legal action claims that Ticketmaster lacked adequate protections to prevent a data breach that compromised the personal information of millions of users.
Overview of the Breach
On April 2, 2024, the hacker group ShinyHunters infiltrated Ticketmaster's database, which was hosted on a third-party server managed by Snowflake. Approximately 560 million customers had their personally identifiable information (PII) compromised, including full names, addresses, email addresses, phone numbers, and credit card details.
The breach went undetected for nearly seven weeks, with Ticketmaster only becoming aware on May 23, 2024. Customers were informed about the breach on July 17, 2024, almost two months after it was detected. In May 2024, the hackers attempted to sell the stolen PII for $500,000 on the dark web, putting customers at high risk of fraud and identity theft.
Allegations of Inadequate Security Measures
The class action lawsuit alleges negligence, negligence per se, unjust enrichment, and breach of implied contract, seeking at least $5 million in damages for the affected users. The complaint argues that Ticketmaster was aware of the significant risk of a cyberattack and failed to implement reasonable security measures to protect user information.
Ticketmaster’s website and privacy policies claimed sufficient security measures were in place when data was shared with third parties. However, the lawsuit contends that Ticketmaster did not ensure Snowflake was enforcing these safeguards, nor did it require the vendor to adopt enhanced security measures or conduct security audits. This is seen as a violation of Section 5 of the Federal Trade Commission Act, which mandates reasonable security practices.
Additionally, Ticketmaster has been criticized for not providing "prompt and accurate notice" of the breach. As a result, millions of customers remain vulnerable to risks such as identity theft, spam, and fraud, especially since the data remains unencrypted and accessible to unauthorized parties.
Ongoing Legal Challenges
This lawsuit comes at a tumultuous time for Ticketmaster, which is also facing an antitrust lawsuit from the U.S. Department of Justice, alleging that it and Live Nation Entertainment have monopolized the live concert industry. Moreover, Snowflake is under scrutiny due to its involvement in a previous breach affecting the data of 8.9 million AT&T customers.
Legal Representation
In the case of Pomeroy et al. v. Ticketmaster, claimant Kiley Grombacher from the law firm Bradley/Grombacher is representing the plaintiffs. As of now, legal counsel for Ticketmaster has not been designated.
This ongoing legal situation highlights serious concerns regarding data security and customer protection within Ticketmaster and its partners. Affected users are encouraged to stay informed and monitor the developments related to this case.
Ticketmaster Entertainment, LLC is an American ticket sales and distribution company headquartered in Beverly Hills, California. With operations in numerous countries worldwide, Ticketmaster merged with Live Nation in 2010 to form Live Nation Entertainment.
Related: Boies Schiller law firm denies hedge fund collusion in home buyer class actionÂ