Ticketmaster admits that he hacked into the rival company before it closed.
The fine, which is part of a deferred prosecution agreement Ticketmaster signed with federal prosecutors, resolves criminal charges filed last week in federal court in the Eastern District of New York.
The charges include violations of the Computer Fraud and Abuse Act, computer intrusion for business advantage or private financial gain, computer intrusion to promote fraud, conspiracy to commit wire fraud, and wire fraud.
In the settlement, Ticketmaster admitted that an employee who used to work for a rival company emailed multiple account login credentials to the rival. used to manage the sale of pre-sale tickets. At a meeting attended by at least 14 employees of Ticketmaster or its parent company Live Nation, the employee used a set of credentials to log in to an account and demonstrate how it worked.
Related Posts
A hack, then a promotion
The employee, who was not identified in court documents, then provided Ticketmaster executives with internal and confidential financial documents that he had withheld from his previous employer. The employee was subsequently promoted to director of customer relations and received a raise. It was Songkick, who in 2017 filed a lawsuit accusing Ticketmaster of hacking into its database. A few months later, Songkick closed. The charges against Ticketmaster come 26 months after Zeeshan Zaidi, former head of Ticketmaster’s artist services division pleaded guilty in a related case of conspiring to hack into the rival company and participate in cable fraud. to Zaidi and another Ticketmaster employee.
“When employees leave one company and enter another, it is illegal for them to take proprietary information with them,” FBI Deputy Director William Sweeney Jr. said in a statement. “Ticketmaster used the information stolen to gain an advantage over your competition, and then promoted to employees who broke the law. “
In addition to providing login credentials, the former employee also showed Ticketmaster managers how to exploit a flaw in the URL generation scheme that the rival was using for unpublished ticketing web pages. To prevent them from outsiders accessed the pages before they were made public, each had The former employee told his new employer that the values were generated sequentially, and outsiders could use this information to view the artist’s pages while they were still in the early draft stages
In early 2015, Ticketmaster assigned one of its employees to learn about this system and use it to maintain a spreadsheet that lists all the ticketing web pages that can be located. Ticketmaster would identify customers of the rival company and “would try to dissuade them from selling tickets through the victim company,” federal prosecutors said. Zaidi, prosecutors said, “We shouldn’t point out to anyone that we have this view of the [victim company’s] activities.” Maintain Ethics A program to prevent and detect future hacker attacks and unlawful collection of confidential information from competitors. Live Nation representatives did not respond to a message asking for a comment for this post.
Arstechnica / TechConflict.Com