Online ticket seller Ticketmaster has become the latest victim of a hack attack after a group of rap music supporters defaced its website.

The attack, which took place yesterday on Ticketmaster's UK website, was perpetrated by a group calling itself M-squad. The site has since been returned to normal.

Security experts said the attack exploited a documented flaw in older versions of Microsoft's Internet Information Server (IIS), using a script well-known by the hacker community.

Some experts believe the same flaw was exploited by the hacker known as Herbless in his attack on nine UK government websites last week.

Matt Tomlinson, business development director at security consultancy MIS, said: "The flaw affects any version of IIS between 4.0 up to 6a."

He added that although the website had been defaced, information such as customers' credit card details appeared to be safe. Ticketmaster declined to comment on this, however.

"Even though Ticketmaster may have been naive in not upgrading their software, the security behind their website appears to be very [good]. It seems that they are hanging the rest of their information behind their website, and this is firewall protected," said Tomlinson, adding that it was very unlikely that anyone attempting to steal credit card information would leave any signs behind.

"If someone hacks for money, they don't leave traces - this site was defaced. But it does shake consumers' confidence and could harm a company's credibility," he added.