Cyber Incident Victim: Kimmel Center

On Friday, February 10, 2023, a cyberattack struck the network systems of the Kimmel Center and the Philadelphia Orchestra, rendering their websites inoperable and crippling core ticketing functions. The incident immediately prevented the organizations from processing new ticket sales, exchanges, or refunds through their primary online and phone-based channels. This disruption affected not only the Philadelphia Orchestra's own performances but also the Kimmel Center's Broadway series, Philadelphia Ballet, Philadanco, and other resident groups that rely on the shared ticketing infrastructure. A spokesperson for the organizations, Ashley Berke, confirmed the "cyber incident" had "temporarily impacted" their network systems but stated that all scheduled performances would proceed as planned. The spokesperson also assured patrons that security protocols were functioning to protect sensitive data and specifically clarified that customer credit card information had not been breached. In response to the outage, the organizations established a temporary portal to facilitate some ticket sales and confirmed that physical tickets remained available for purchase exclusively at the Kimmel Center's box office. The attack occurred during a critical period as arts groups were actively selling seats for upcoming spring shows, including the Philadelphia Ballet's production of *The Sleeping Beauty* scheduled to open in March. An associate from Ticket Philadelphia, the associated ticketing service, verified that the entire ticketing operation was down, leaving patrons with scant information about the incident's specific nature or timeline for resolution. The situation mirrored a similar cyberattack in December that had shut down the Metropolitan Opera's website and box office for nine days, costing the institution approximately $200,000 in daily sales during the holiday season.

The organizations' public statement emphasized that performances would continue uninterrupted despite the technological paralysis, a decision that prioritized the audience experience for live events while isolating the compromised digital systems. This approach contained the immediate operational impact to back-office and sales functions, allowing the artistic calendar to proceed. The incident highlighted the vulnerability of cultural institutions' critical ticketing and marketing systems to cyber threats, a point underscored by the article's reference to arts venues being "ripe targets for ransomware gangs." The attack followed a broader pattern, including a July ransomware incident against WordFly, a digital marketing firm, which disrupted email and text services for major organizations like the Smithsonian, the Royal Shakespeare Company, and others. In that prior case, WordFly had reportedly worked with the attackers to secure the deletion of stolen data. For the Kimmel Center and Philadelphia Orchestra, the primary consequence was a complete, days-long halt to remote and phone-based revenue generation and customer service, forcing a reliance on in-person box office sales. The organizations did not disclose the specific type of cyberattack, the identity of any perpetrators, or whether a ransom was demanded, focusing their communication on reassurance about data security and performance continuity. As of the article's publication date, the exact duration of the website and ticketing system outage remained unclear, with the temporary portal and box office serving as the only available avenues for patrons to transact. The incident served as a stark reminder of the financial and operational risks posed by cyber intrusions to the nonprofit arts sector, where digital systems are integral to revenue streams but often lack the robust defenses of larger corporate targets.