Ticketek Australia has disclosed a “cyber incident” impacting customer information that it says was stored in a third-party cloud environment.
The ticketing company said the data – which “may” cover “customer names, dates of birth and email addresses” – was “stored in a cloud-based platform, hosted by a reputable, global third-party supplier.”
“Since our third-party supplier brought this to our attention, over the past few days we have worked diligently to put every resource into completing an investigation so that we can communicate with customers who may have been impacted, and other stakeholders, as quickly as possible,” Ticketek said in a statement late Friday.
“Our priority at this initial stage is to best protect our customers, people and all others who have entrusted us with their information.
“As such, we have already commenced notifying those customers who may have been impacted.”
Ticketek noted that passwords and payment information were not impacted, because they were either encrypted or run separately.
The company said it had notified authorities including the Australian Cyber Security Centre (ACSC), the Office of the Australian Information Commissioner (OAIC) and the National Office of Cyber Security.