Cyber Incident Victim: Shakespeare Theatre of New Jersey
Date:
Dec 2019
Location:
United States of America
Summary
A ransomware attack disrupted operations at the Shakespeare Theatre of New Jersey, compromising its ticketing system and patron database during preparations for a seasonal performance. While encrypted customer credit card data reportedly remained inaccessible to attackers, the incident forced cancellation of an initial show and necessitated manual ticketing verification using physical copies or email confirmations. The theatre emphasized its commitment to continuing performances despite significant operational challenges, including rebuilding its database. Multiple other local organizations in the Madison area were similarly affected, though no shared infrastructure or service providers were identified between victims. Investigations into the infection vector remained ongoing as the organization worked to restore systems amid community support.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
A ransomware attack impacted the Shakespeare Theatre of New Jersey around December 1, 2019, disrupting operations during a critical period as they prepared for their December 4th premiere of "A Christmas Carol." The attack compromised the theatre’s ticketing system and patron database, rendering customer data—including ticket purchase records—inaccessible. While the theatre confirmed patrons’ encrypted credit card information was not exposed to attackers, the loss of internal access to this data forced the cancellation of their first scheduled performance. This allowed staff time to develop alternative ticketing procedures requiring attendees to present physical tickets or confirmation emails for admission. The incident created significant operational strain, described by theatre leadership as an "existential crisis," necessitating immediate efforts to rebuild their database while maintaining performances.
The theatre publicly committed to continuing its season despite the attack, emphasizing resilience with statements like "The show must go on!" and announcing plans to reconstruct patron communications systems. Marketing Director Jessica Damrow Sherman confirmed the attack affected multiple Madison-area organizations across different sectors, though no shared vendor or hosting provider was identified among victims. Investigations into the infection vector remained ongoing as of December 6, 2019. The organization appealed for patron patience during recovery efforts while acknowledging community support from audiences and neighboring theatres. Operational adjustments prioritized maintaining performances, with staff dedicating "every spare moment" to restoring systems alongside holiday show obligations.