Ticketmaster Fined $10 Million after Accessing Competitor"s Network using Stolen Credentials

The US-based ticket sales and distribution company, Ticketmaster, will pay a $10 million fine for illegally accessing a competitor’s computer system using stolen credentials, the Department of Justice (DOJ) disclosed on December 30, 2020.

Both Ticketmaster and ex-employees have been charged with computer intrusion and wire fraud after repeatedly accessing an unnamed competitor’s systems to conduct cyber-espionage and “steal back one of the [victim company’s] signature clients,” according to a press release.

“Further, Ticketmaster’s employees brazenly held a division-wide ‘summit’ at which the stolen passwords were used to access the victim company’s computers, as if that were an appropriate business tactic,” the US attorney said in the release. “Today’s resolution demonstrates that any company that obtains a competitor’s confidential information for commercial advantage, without authority or permission, should expect to be held accountable in federal court.”

The court documents revealed unlawful business strategies conducted between August 2013 and December 2015, with the aid of a former senior employee of the victim company, who, despite having signed a confidentiality agreement with his former employer, revealed classified information to Ticketmaster.

Following a two-year-long corporate espionage campaign, the co-conspirator was promoted and given a raise.

“When employees walk out of one company and into another, it’s illegal for them to take proprietary information with them. Ticketmaster used stolen information to gain an advantage over its competition, and then promoted the employees who broke the law,” FBI Assistant Director Sweeney noted. “This investigation is a perfect example of why these laws exist – to protect consumers from being cheated in what should be a fair market place.”

On top of the $10 million in penalties, Ticketmaster must implement heightened controls and policies to curb further misuse of computer systems and credentials, and maintain a compliance and ethics program to address any internal deficiencies that may lead to other employee misconduct and unlawful acquisition of confidential information of its competitors.

1 in 4 people is likely to be a victim of data breaches. Have you ever been exposed? Find out now with Bitdefender’s Digital Identity Protection.