oops

Ticketweb (a UK arm of Ticketmaster) have confirmed that someone was able to send emails to subscribers fraudulently. Their initial response was covered on the Naked Security blog. A second email was sent out this evening: One part which stands out says: We sincerely regret any concern that may have been caused by this incident and we can assure you we took immediate action to close the unauthorised access as soon as it was identified.

This afternoon I received an email with the spammy subject “Action Required : Update Your PDF Application”. I almost ignored it until I noticed that the link inside pointed to a domain owned by Ticketmaster. As I have shopped with Ticketmaster before, perhaps this isn’t so surprising. My first thought was that Ticketmaster had a dodgy redirect on their site, until I looked at the email and saw that it was actually sent from Ticketmaster’s network.