The ticketmaster security breach has been reported by the industry

The ticketmaster security breach has been reported by the industry ...

After being hit in a cyber-attack last night, Ticketmaster said it has experienced a serious security breach (opens in a new tab). Thousands of UK customers may be affected by the breach, which was reportedly caused by malicious software on Inbenta Technologies, a third-party customer support company.

We contacted several of the security industry''s leading leaders to discuss their views on the attack.

McAfee, the consumer EMEA director, Allen Scott (opens in a new tab)

Ticketmaster has been too averse to respond and correct this error in order to win the battle against internet fraud. We must businesses to get together and support one another in identifying and responding to security threats.

Some simple steps should be taken for Ticketmaster customers who are concerned about their personal information first. First, they should change their passwords immediately. We know that it is difficult to remember all your passwords but using a password generator and manager can assist you resolve this problem and ensure you won''t become an easy target.

Do not click on any links or open attachments you receive via email from Ticketmaster. Hackers will be interested in engaging in this wave by targeting customers with phishing emails. This can lead to your devices becoming infected with malicious malware that allows hackers to gain their personal and financial information. Search for Ticketmaster online and get in touch directly; don''t wait until Ticketmaster will contact you.

Lastly, if you notice suspicious activity in your bank statements, contact your bank immediately to request a new card and highlight the malicious activity.

ESET, an ESET security specialist, opens in a new tab.

"When it comes to cyber security, there is no silver bullet. You can never put all your trust in one prevention strategy and relax. Cyber attacks aren''t a possibility, they are a possibility. You will never have enough people, systems, or money to prevent or detect an attack.

In this recent attack, it would be absolutely necessary to change your Ticketmaster password and any other features that are similar in other accounts. At this stage it may not be known what has been taken which might be personal and payment information."

EclecticIQ, Chris OBrien''s director intelligence operations (opens in a new tab):

The news that the Ticketmaster incident sparked discussions with a third-party supplier is troubling, but it is unfortunately no longer rare. Third-party collaboration among individuals has made it a success. Despite the fact that these working relationships may be beneficial for those involved, the danger of external suppliers in the supply chain is increasing.

We are moving towards a world in which the suppliers who provide detailed security implementations and demonstrate practical implementation of security standards will be in better position than their competitors. However, having an accreditation will soon not be enough to strengthen trust between third parties and their partners. With the rapidly changing threat landscape, it is more important than ever that businesses and their suppliers work collaboratively in order to maintain a chance of success.

Sarah Armstrong-Smith, head continuity and resilience at Fujitsu UK and Ireland (opens in new tab):

What is clear from this latest attack is that every organization, whether it be public or private, large or large, is vulnerable to such an attack. Although there is no denying that organisational awareness is on the rise, those who are behind breaches are finding new and innovative ways to bring it to its knees.

Even the best-run company might be exposed to a hack or data theft. With GDPR in full force, companies must be aware of all the ways cyber criminals can use to infiltrate the company and steal data, and take proactive measures to safeguard it. The ripple effects of an attack cannot longer remain within the four walls of an organization, and businesses of all sizes must remain on the front foot to proactively identify and manage threats instead of waiting for breaches to occur.

Cybercrime isn''t a probability, it''s an inevitability. It will be the way in which organisations prepare for it, however, that can make all the difference.

Cybersecurity strategist, EMEA, Proofpoint Adenike Cosgrove (opens in new tab)

The recent data breach at Ticketmaster represents one of the first significant international breaches of EU personal data obtained following the GDPR enforcement date, making this a case to watch in regard to consequences. Questions will be asked first and foremost about how sensitive personal data, including payment information, was unencrypted with a third-party application.

This breach highlights why enterprise security teams must have a clear visibility into the third-party applications running within their environments and appropriately secure them, as more and more organizations depend on cloud (opens in new tab)-based solutions to perform operations worldwide. Best practices urges organisations to develop a Cloud Access Security Broker (CASB) solution that combines user-specific risk indicators with cross-channel threat intelligence to detect user behavior and anomalies in third-party apps. Without this, organizations simply do not know when users and corporate data are at danger.

When it comes to fraud, organizations are at their weakest post-breach. As we saw with Equifax, hackers almost immediately distributed phishing attempts to try and profit. Users affected by this breach should be extremely vigilant in confirming the source of all emails they receive to their email inbox; they should also change their password directly through the Ticketmasters website, and sign up for the credit monitoring service provided.

Paul Cant, vice president of EMEA, BMC Software (opens in new tab)

Another day, another breach! It has been a while since weve seen a number of notable names in the cyber security firing line. However, we are going to see more and more. While we know there are many risk vectors, organizations must be cautious about these issues. With GDPR sanctions looming large, individuals simply cannot afford to leave cybersecurity as an apresthought.

Only by constantly examining internal processes, businesses can understand how their systems storing data are configured, how they are connected, where any vulnerabilities sit, and then together a strategy to remediate those issues and to keep their data safe.

Neustar, Rodney Joffe, SVP and Fellow (opens in new tab):

This recent security breach is a further reminder that effective strategies must be enacted to prevent cyber-attacks, as another organisation becomes victim to the threat of hackers.

Advocacy is making changes to make to ensure that web applications are protected from DDoS attacks, even if they are using software, or at least using ransomware. In addition, a web application firewall (WAF) is required to protect third parties from accessing a website and stealing customers'' personal information. And as legislation such as GDPR is in place, it is as important as ever that a unified 24/7 security operation center, which includes a user interface with real-time monitoring and reporting.

In situations like these, security is essential for all operations to be maintained.