Cyber Incident Victim: Philadelphia Orchestra and the Kimmel Center
Date:
Feb 2023
Location:
United States of America
Summary
A cyberattack disrupted the Philadelphia Orchestra and Kimmel Center’s online and phone-based ticket sales, forcing the organizations to rely on in-person box office transactions and a temporary portal. The incident impacted multiple resident groups, including the Philadelphia Ballet and Broadway series, halting digital sales during a critical period for spring performances. Officials assured patrons that scheduled events would proceed normally and emphasized that security protocols protected sensitive data, specifically confirming no customer credit card information was breached. The attack aligns with a broader trend of ransomware groups targeting arts venues, following similar disruptions at institutions like the Metropolitan Opera and companies providing services to cultural organizations.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On or around February 8, 2023, a cyberattack targeted the Philadelphia Orchestra and the Kimmel Center, significantly disrupting their operations by February 10. The attack forced both organizations to take their websites offline, crippling online and phone-based ticket sales systems. A joint statement confirmed a "cyber incident" had "temporarily impacted" network systems, though specific technical details about the attack vector or threat actor were not disclosed. The organizations emphasized that performances would proceed as scheduled and asserted their security protocols were functioning to protect sensitive data, with spokesperson Ashley Berke explicitly confirming no customer credit card information breaches occurred. To mitigate ticketing disruptions, a temporary online sales portal was established, while in-person transactions remained available at the Kimmel Center box office. The outage affected not only the Philadelphia Orchestra but also the Kimmel Center’s Broadway series, Philadelphia Ballet, Philadanco, and other resident groups, halting all digital ticket sales, exchanges, and refunds during a critical period for spring performance bookings.
The operational impact extended beyond lost online revenue, as phone-based ticketing systems were also rendered inoperable, leaving the box office as the sole sales channel. Patrons received limited information about the incident’s scope or resolution timeline, with organizations directing inquiries to a general phone line. Philadelphia Ballet executive director Shelly Power acknowledged the disruption’s timing coincided with sales for their March production of *The Sleeping Beauty*, characterizing the situation as an inconvenience but expressing hope for swift resolution. The incident mirrored recent attacks on arts institutions, notably a December 2022 cyberattack against New York’s Metropolitan Opera that halted ticket sales for nine days and reportedly cost $200,000 in daily lost revenue. While the Philadelphia organizations did not specify recovery timelines or attribute responsibility, their response focused on maintaining performances and restoring ticketing functions through temporary measures while investigating the breach.