Cyber Incident Victim: Ticketek

Ticketek Australia experienced a cybersecurity incident involving customer account holder information stored on a third-party cloud-based platform. The breach was first identified when the global third-party supplier alerted Ticketek to potential unauthorized access. An immediate investigation confirmed that customer names, dates of birth, and email addresses may have been compromised, though no account credentials or payment systems were breached. Ticketek emphasized that passwords remained secure due to encryption protocols and that payment processing systems operated on an isolated infrastructure unaffected by the incident. The company clarified it does not retain customer identity documents, limiting the scope of exposed data. Within days of the supplier’s notification, Ticketek prioritized identifying impacted customers and initiated direct communications to inform them of potential risks. The investigation remains ongoing, with updates promised as new information emerges.

Ticketek notified the Australian Cyber Security Centre (ACSC), the Office of the Australian Information Commissioner (OAIC), and the National Office of Cyber Security shortly after confirming the incident’s scope. Impacted customers began receiving advisories urging vigilance against phishing attempts and scams impersonating legitimate communications. A dedicated 24-hour incident response team was activated, providing support via phone and email channels. The company reiterated that its systems do not solicit passwords or payment details through unsolicited communications. While no operational disruptions to ticket sales or event access were reported, the breach underscored risks associated with third-party data storage. Ticketek continues to collaborate with authorities and the third-party supplier to address residual vulnerabilities and refine incident response protocols.