Ticketmaster UK has admitted that up to 40,000 customers could be at risk of identity theft and fraud following a cyber attack.
The company has said that personal information and credit card data from customers in Britain and other countries may have been stolen.
They believe that less than 5% of its global customer base have been affected by the breach.
- What has happened?
On June 23, Ticketmaster UK identified malicious software on a customer support product hosted by a company called Inbenta Technologies, who are an external third-party supplier to Ticketmaster.
Ticketmaster have said they disabled the product as soon as the issue was discovered, and that customers who may have been affected have been contacted.
The ticket-seller said that the breach affects UK transactions between February and June 23, as well as international customers who purchased, or attempted to purchase, tickets between September 2017 and June 23, 2018.
According to the company, they believe information that could have been compromised includes:
- Email address
- Telephone number
- Payment details
- Ticketmaster login details
Many customers have taken to social media to express their anger at the cyber attack.
In a statement on their new support website, the company said: "Forensic teams and security experts are working around the clock to understand how the data was compromised.
"We are working with relevant authorities, as well as credit card companies and banks."
Ticketmaster added that customers in North America are not affected.
A spokesman for the National Cyber Security Centre (NCSC) said: "We are aware of a cyber incident affecting Ticketmaster.
"The NCSC is working with our partners to better understand the incident."
- What should customers do if they are victims of the breach?
Ticketmaster has created a website to answer questions about the Inbenta incident.
They have recommended that, as a precautionary measure, all notified customers reset their password when they next log into their Ticketmaster account.
They are also offering customers affected by the breach a free 12-month identity monitoring service.
The company have advised that customers closely watch their account statements for any evidence of fraud or identity theft.
Should customers notice any suspicious activity on their account, they are advised to contact their bank or credit card company immediately.