Scammers are accessing Ticketmaster users' email accounts, stealing tickets, company says

Ticketmaster is telling fans who claim their concert tickets disappeared from their accounts, costing them thousands of dollars, that they were victims of hackers.

"What we’re seeing is scammers accessing a fan’s email account," a Ticketmaster spokesperson told USA TODAY on Tuesday.

Many ticketholders have spoken to outlets about their experience, including Blaine Heck who told MarketWatch and the Daily Mail that she had a pair of $3,500 Taylor Swift tickets stolen from her account. Similarly, Savannah Van Skyhawk in Indiana lost her tickets to see the "Shake it Off" singer in concert even after contacting Ticketmaster multiple times, WTHR reported.

"We paid about $300 per ticket, and I've seen resale value of between like four or five grand per ticket. So we weren't going to be able to afford another ticket if we didn't get these ones back," Van Skyhawk told the TV station. "Ticketmaster) would just tell me like, 'We'd call you in three to five days.' So, I'd wait three to five days, and they wouldn't call me. I try calling them again, and then again, they'd say three to five days. It was just kind of a circle, like no one ever called me."

'Scammers are looking for new cheats'

In a statement to USA TODAY, a Ticketmaster spokesperson said the company advises ticketholders to "protect themselves" by "setting a strong unique password for all accounts – especially for their personal email which is where we often see security issues originate."

Need a break? Play the USA TODAY Daily Crossword Puzzle.

"Overall, our digital ticketing innovations have greatly reduced fraud compared to the days of paper tickets and duplicated PDFs. Having that digital history is also how we are able to investigate and successfully return tickets for fans," the statement continued. "Scammers are looking for new cheats across every industry, and tickets will always be a target because they are valuable, so Ticketmaster is constantly investing in new security enhancements to safeguard fans."

The spokesperson also said that Ticketmaster's users' passwords were not exposed in the data incident earlier this year.

Ticketmaster's data security incident

According to Ticketmaster's website, the company "discovered unauthorized activity on an isolated cloud database hosted by a third-party data services provider."

The breached database contained limited personal information of some customers who bought tickets to events in North America (U.S., Canada and Mexico), Ticketmaster said. This could include users' email, phone number, encrypted credit card information as well as some other personal information, according to the company.

Despite the incident, the company said users' accounts "remain secure" and "customers could continue to conduct business with Ticketmaster as normal and without issue."

"Our comprehensive investigation – alongside leading cybersecurity experts and relevant authorities – has shown that there has been no more unauthorized activity," according to the company.