All Ticketmaster customers have been advised to reset their password after a security breach that may have affected up to 40,000 UK customers.
A tweet from the ticket-selling website confirmed that “some personal or payment information may have been accessed by an unknown third party” and that the hack was caused by malicious software on third-party customer support product Inbenta Technologies.
The company has also contacted all affected customers and offered a free 12-month identity monitoring service.
Information that may have been compromised includes names, addresses, email addresses, telephone numbers, payment details and Ticketmaster log-in details.
The breach is believed to have affected UK customers who purchased or attempted to purchase tickets between February and June 2018.
Some IT experts reckon that Ticketmaster’s breach could be the first litmus test of GDPR enforcement in the UK.
The Information Commissioner's Office (ICO) told ITPro.co.uk that it is still deciding which legislation is relevant.
"It's still very, very early days and we're still in the evidence gathering stage, and will assess it from there,” an ICO spokesperson said.