Originally published at: https://boingboing.net/2018/06/27/ticketmaster-uk-malicious-s.html
…
According to the comments, “payment details” might translate as “credit card numbers”.
When will people learn to stop putting so incredibly much unnecessary third-party software on their website?
Looking at boingboing.net with ad-block turned off I see 384 requests of wich only 14 go directly to boingboing.net or media.boingboing.net. (to be fair 13 don’t have a domain listed so those probably also come from boingboing.net and a few will probably be from a relatively benign CDN).
The majority of the remainder is stuff you really don’t want to see on your website, Google, Facebook, various ad serving companies including Bing and Wallmart.
And for Boingboing I kinda get it, this is probably one of the main sources of income (although I suspect the amazon referrals and boingboing store are both bigger in income and a lot less evil)
But for a company like Ticketmaster? Their purpose is ripping off concert visitors with impossibly high administration fees and other bullshit on concert tickets. This can be done easily without including any third parties.
It said it disabled the customer support product hosted by Inbenta Technologies across all Ticketmaster websites as soon as it identified the breach on June 23.
Though banks spotted unusual activity, and alerted Ticketmaster, in April.
Maybe they pinned-down the precise cause on 23 June, but they knew something was wrong for months.
This topic was automatically closed after 5 days. New replies are no longer allowed.