The Keller Lenkner UK Data Breach team is in the advanced stages of High Court action against Ticketmaster.
Following the ticketing giant’s data breach in 2018, the Information Commissioner’s Office (ICO) announced its decision to fine Ticketmaster £1.25 million following an extensive investigation. The ICO stated that the financial impact on the business during the pandemic was taken into consideration before a final figure was agreed.
Kingsley Hayes, head of data breach at Keller Lenkner UK, commented: “The ICO has been very thorough in its action with the pandemic significantly reducing the size of the fines imposed on organisations who have failed to adequately protect customers’ private data.
“We are currently representing a significant number of claimants affected by the Ticketmaster breach for actual, and potential, financial harm and psychological damage. The effects of a data breach are far reaching causing substantial distress to victims who fall foul of fraud as a result of their personal details not being robustly protected.
“Ticketmaster had been warned of potential fraud by several banks but failed to take action for nine weeks which is unacceptable. The ICO has reported that up to 1.5 million UK customers’ details were exposed as a result of the prolonged incident.
“With a breach of that size, the subsequent damage, which may include identity theft and fraudulent transactions, may not transpire for several months, or even years later, as scammers use the stolen information in batches.
“While Ticketmaster’s fine sends a strong message to businesses who collect, store and process confidential data, in ordinary circumstances the penalty would likely have been substantially higher.
“The Ticketmaster incident involved a third-party chat-bot used on its payments page. This highlights that businesses are accountable for cybersecurity not only within their own organisation, but also throughout their supply chain.”