Ticketek has been hit by a “cyber incident” with personal information of Australian customers stolen from a third-party global cloud-based platform.
The cybersecurity minister, Clare O’Neil, said late on Friday night the breach was “affecting many Australians” but appeared restricted to the release of names, dates of birth and email addresses.
She said Australians should be especially vigilant for scams. She said Ticketek had told customers “that their passwords and credit card information have not been compromised”.
On Saturday, the federal government’s Australian Cyber Security Centre issued an alert saying it was “aware of successful compromises of several companies” that used the services of US-based cloud storage company Snowflake.
In a statement, Ticketek said it had “already commenced notifying those customers who may have been impacted” and promised further updates “as more information becomes available”.
Ticketek would not say how many Australian customers had been affected. The Guardian asked Ticketek if the cloud-based platform it had referred to was Snowflake, but the company did not respond.
The breach is the second reported this week of a major global ticketing outlet. Hackers took the personal information of 560 million customers of Ticketmaster, but that company has not said if any Australians were affected.
On Friday night, Ticketek emailed customers about the “cyber incident” affecting account holder information “stored in a cloud-based platform, hosted by a reputable, global third party supplier”.
The email said: “We would like to reassure you that Ticketek has secure encryption methods in place for all passwords and your Ticketek account has not been compromised.
“In addition, we utilise secure encryption methods to handle credit card information and transactions are processed via a separate payment system, which has not been impacted. Ticketek does not hold identity documents for its customers.”
The email did not name the “third party supplier” but said since Ticketek was told of the incident “over the past few days we have worked diligently to put every resource into completing an investigation, so that we can communicate with you as quickly as possible”.
Ticketek said the “available evidence at this time” indicated that “from a privacy perspective, your name, date of birth and email address may have been impacted”.
“We sincerely apologise to all those who may have been affected by this incident,” the email said, and asked customers to visit a webpage with guidance on cybersecurity.
Earlier today, Ticketek advised the National Office of Cyber Security that they have experienced a cyber security incident impacting Ticketek Australia, and data belonging to their customers has been stolen. https://t.co/FWGHjkj5Vu
— Clare O'Neil MP (@ClareONeilMP) May 31, 2024
O’Neil wrote on X: “I understand that [Ticketek] has taken action to quickly identify and notify affected people. Where companies hold a significant amount of data, Australians expect that they look after it.”
She said Australians needed to be “especially vigilant” and to be on alert for scams, including phishing emails.
The National Cyber Security Co-ordinator said Ticketek was “a different company to Ticketmaster, which is a subsidiary of Live Nation Entertainment” – referring to the global hack of Ticketmaster.
The co-ordinator said the Australian Signals Directorate and Australian Federal Police were aware of the Ticketek incident.
The co-ordinator said Australians should set up multi-factor authentication on online accounts, install any software updates regularly “to keep your devices secure” and to create “strong and unique pass phrases that are over 14 characters long and use four or more random words”.