Hello, it’s me. I was wondering if after all these years you’ve gotten used to personal information being exposed in data breaches.
No? That’s too bad, because rumour has it that fans trying to buy advanced tickets for Adele’s tour on the superstar’s website were met with other people’s purchasing info.
You know how it goes: you’re online, spinning Adele’s 25, singing along to your favorite songs and trying to buy tickets to her upcoming tour. You’re anxious to buy them and show your sweetest devotion to the singer, and you know they’re going to sell out quickly so you don’t want anything going wrong.
You add the tickets to your cart, you go to check out, and...wait, that’s not your information. Whose is it? You’re so frustrated you’re ready to set fire to the rain but you just really want your tickets so you delete the wrong information, put in your own, and are on your way.
But then you realize that maybe your information has shown up when someone else tried to check out. What a headache. This sort of thing never happened when we were young.
The culprit seems to be Songkick, the ticket seller who appears to be giving the cold shoulder to fans so far. Songkick claims that fans were "able to preview other users' shopping carts for brief periods due to extreme load" but haven’t provided many clues outside of that.
Songkick also said that customers weren’t able to view others passwords or payment or credit card details.
However, that doesn’t jive with what fans were tweeting. The BBC quotes more than one fan saying that they were able to see an address and credit card number that wasn’t theirs. So while there are many shades of truth to this story, it’s clear that there was some sort of divulgence of information.
Is it a big deal?
If there’s one silver lining to this breach that separates it from others in the past, it’s that this doesn’t appear to be a malicious attack. There were no hackers chasing payments, and this was allegedly the result of a glitch in the system. The people involved in this situation were other Adele fans, and the stories coming out so far suggest that they simply went on buying their tickets, not stealing payment info.
This makes it different than, say, the T-Mobile breach from earlier this year. There’s also much less sensitive information involved: having you credit card number out in the wild is obviously never good, but it didn’t include information on the level of Social Security numbers.
Still, it’s not very comforting. Hackers could have had it all, rolling in the data if the system was so insecure as to break down when people were just trying to buy tickets. You know, like they should be able to for a concert. If you want to go the extra mile and keep the tables from being turned on you, monitor any accounts linked to the payment information you used to make sure there isn’t any unauthorized action going on.
So the sky isn’t falling, but it’s hardly water under the bridge. Even if this breach wasn’t as bad as others in the past it is concerning that there’s yet another incident of personal information being exposed, and it’s enough to make a person say "That’s it, I quit, I’m moving on."
It’s important to remember that no matter how safe you are online this sort of breach could happen to someone like you.