See Tickets Hit with Class Action Over Months-Long 2023 Data Breach

New to ClassAction.org? Read our Newswire Disclaimer

See Tickets faces a proposed class action over its alleged failure to safeguard consumers’ sensitive information from a months-long data breach the ticketing service announced in August 2023.

Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.

The 39-page data breach lawsuit says that between February 28 and July 2, 2023, unauthorized parties inserted “malicious code” into the checkout pages of SeeTickets.com and SeeTickets.us, allowing them to access certain payment card information belonging to customers who made purchases on the websites throughout this time frame.

According to the case, the data breach exposed over 323,498 customers’ names, addresses, zip codes, payment card numbers, card expiration dates and CVV numbers.

The filing contends that the cyberattack was a result of See Tickets’ “inadequate” cybersecurity practices, which fell short of federal and industry standards. For example, the defendant failed to properly monitor its computer systems for suspicious activity, the complaint alleges.

“At the very least, Defendant chose not to invest in the technology to encrypt payment card data at point-of-sale to make its customers’ data more secure, despite already having just experienced a similar data breach only months before,” the case says, noting that payment card data belonging to over 400,000 consumers was reportedly compromised in a cyberattack See Tickets reported in October 2022.

Although See Tickets claims to have discovered the breach in May 2023, it was unable to stop the unauthorized access until July, the filing shares. The company then waited until September 6 to inform affected individuals of the incident, the suit says.

“Armed with the Private Information accessed in the Data Breach, and an eighteen-month head start, data thieves can commit a variety of crimes including, e.g., making fraudulent purchases and committing identity theft such as opening new financial accounts in Class Members’ names,” the case stresses.

The plaintiff, a Michigan resident who received notice that her personal information was exposed in the breach, claims that the credit card she used to purchase tickets through one of the defendant’s websites has since been used to make fraudulent purchases totaling roughly $1,000.

The lawsuit looks to represent anyone in the United States whose private information was subject to the data breach announced by See Tickets on or about September 6, 2023.

Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.