Ticketmaster has been accused by start-up bank Monzo of ignoring warnings of a security breach that it made back in April. The claims made today contradict Ticketmaster's assertion that it only found out about the breach on Saturday.
Monzo made the claims today in a blog post by the bank's head of financial crime Natasha Vernier.
"We spotted signs of this breach back in early April," she claims. The link was made after around 50 customers had contacted the bank complaining of potentially fraudulent activity on their accounts.
"After investigating, our Financial Crime and Security team noticed a pattern: 70 per cent of the customers affected had used their cards with the same online merchant between December of last year and April this year. That merchant was Ticketmaster…
"Within four-and-a-half hours, the team rolled out updates to our fraud systems to block future transactions on other customers' cards that looked suspicious in a similar way.
"That evening, we reached out to other banks and the US secret services (who are responsible for credit card fraud in the US) to let them know what we'd seen and ask if they'd seen anything similar. At the time, they hadn't.
"Over the following weekend we saw attempted transactions on four of our customer's cards that our fraud system automatically blocked. Of those four cards, two had previously been used at Ticketmaster. The next week, we saw four more compromised cards. All four had been used at Ticketmaster."
On 12 April, Monzo contacted Ticketmaster to share the information that it had gathered, with Ticketmaster telling Monzo that it would conduct an internal investigation - but a week later it responded that it "had found no evidence of a breach" and added that "no other banks were reporting similar patterns".
In contrast, Ticketmaster claimed last night that it only became aware of the security breach on Saturday 23 June - almost two-and-a-half months after it had been informed of a breach by Monzo.
It blamed a supply chain attack that had compromised a third-party software plug-in on its website, supplied by a software company called Inbenta.
Microsoft receives a 30 per cent cut of all purchases on the Xbox digital store
Credit card thieves used Apple ID accounts to buy and sell virtual currency for Clash of Clans and Clash Royale and Marvel Contest of Champions
$5.1bn fine further evidence that the EU is anti-US, claims Trump
New cable will connect Virginia to France