Ticketmaster pays $10M fine for accessing competitor’s online systems
Ticketmaster will pay a $10 million criminal fine for repeatedly accessing the computer systems of one of its competitors without authorization. The online ticketing company agreed to the fine after being charged with five counts of computer intrusion and fraud by the US Attorney’s Office for the Eastern District of New York, the Justice Department said Wednesday.
Ticketmaster employees used stolen passwords to access Songkick’s systems to “unlawfully collect business intelligence,” said Seth DuCharme, acting US attorney for the Eastern District of New York. The tactic was also promoted at a Ticketmaster summit for employees, the Justice Department said.
Read more: Stimulus payments will begin to arrive ‘tonight’: When the IRS will send your second check
The stolen passwords were obtained by an ex-employee of Songkick in 2014, according to the Justice Department. The passwords were used to gain access to the company’s “Artist Toolbox,” which contained real-time information about pre-sale tickets being sold for specific artists.
The ex-employee also provided Ticketmaster with Songkick’s internal and confidential financial documents, after which he was promoted and given a pay raise, the Justice Department said.
“Ticketmaster used stolen information to gain an advantage over its competition, and then promoted the employees who broke the law,” William Sweeney Jr., assistant director-in-charge of the FBI’s New York Field Office, said in a statement.
By knowing the sequential system Songkick used to number its URLs for these hidden web pages, the ex-employee also helped Ticketmaster maintain a spreadsheet with every artist Songkick was working with on pre-sales. Ticketmaster could then contact those artists and try to persuade them to sell tickets through Ticketmaster instead of the Songkick, the Justice Department said.
As well as the $10 million fine, Ticketmaster must also institute a compliance and ethics program to detect and prevent violations of the Computer Fraud and Abuse Act.
As part of the scheme, Zeeshan Zaidi, the former head of Ticketmaster’s Artist Services division, pleaded guilty to conspiring to commit computer intrusions and wire fraud back in October 2019.
“Ticketmaster terminated both Zaidi and [Stephen] Mead [the Songkick ex-employee] in 2017, after their conduct came to light,” a Ticketmaster spokesperson told CNET. “Their actions violated our corporate policies and were inconsistent with our values. We are pleased that this matter is now resolved.”
Sources with knowledge of the siutation told CNET that no one above Zaidi — who was Mead’s boss — knew about the practice.
The case was the subject of a civil settlement in January 2018, which saw Ticketmaster’s parent company Live Nation acquire Songkick’s ticketing commerce platform, anti-scalping algorithm, APIs and patents.