DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

How many breaches did GoTickets.com have?

Posted on November 10, 2012 by Dissent

Back on June 20, 2012, GoTickets.com notified the California Attorney General’s Office of a breach that reportedly occurred between May 22 and May 30, 2012.  In their sample notification letter submitted to the state, they wrote:

We were recently made aware that certain payment card information used on our www.gotickets.com website may have been exposed. We are notifying you that the payment card you have on file with us (name of card and last four digits) may have been affected by this situation.

We are taking appropriate precautionary measures to ensure that this situation is resolved and to help alleviate concerns you may have.

What Happened?

Pending the final results of our investigation, it appears that an unknown, outside group or individual improperly accessed www.gotickets.com’s database possibly exposing some of our customers’ sensitive information, including shipping, billing and credit card data related to purchases made through www.gotickets.com. We believe this improper access occurred on or around May 22 and May 30, 2012.

Although we are not certain that your sensitive information was affected, as a precaution, we are advising you to keep a close eye on this account’s activity.

[…]

Okay, but now I find that American Express Travel Related Services notified the California Attorney General’s Office on November 6, 2012 about a breach that occurred on November 6, 2011. In their sample notification to their customers, AmEx writes:

American Express is strongly committed to the security of all our Cardmembers’ information and wants to inform you that a merchant where you have used your American Express Card for payment detected unauthorized access to its data files.

At this time, we believe the merchant’s affected data files included your American Express Card account number, your name and the expiration date on your card. Importantly, your Social Security number is not impacted and our systems do not show any indication of unauthorized activity on your Card account related to this incident.

Note that AmEx doesn’t name the merchant and doesn’t mention that the breach occurred a year ago (unless that’s a typo on AmEx’s part when it submitted the incident to California). But their filename for this report is “Pages from GoTickets com-C2012065270 CA AG Letter.pdf”

So… was GoTickets.com’s breach worse than what they reported in June 2012, or is this a newly discovered older breach, or some mistake on AmEx’s part?

I’ve emailed GoTickets.com and will update this post if/when I get an answer.

Category: Breach Incidents

Post navigation

← Alere Home Monitoring notifies 100,000 patients after laptop stolen from employee's car
Update on Women & Infants Hospital breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Texas gastroenterology and surgical practice victim of ransomware attack
  • Romanian Citizen Pleads Guilty to ‘Swatting’ Numerous Members of Congress, Churches, and Former U.S. President
  • North Dakota Enacts Financial Data Security and Data Breach Notification Requirements
  • Pro-Ukraine hacker group Black Owl poses ‘major threat’ to Russia, Kaspersky says
  • Vanta bug exposed customers’ data to other customers
  • Lyrix Ransomware Targets Windows Users with Advanced Evasion Techniques
  • Central Maine Healthcare tackles suspected cybersecurity issue; hospitals remain open
  • Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed
  • Beyond the Pond Phish: Unraveling Lazarus Group’s Evolving Tactics
  • Akira doesn’t keep its promises to victims — SuspectFile

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Supreme Court Agrees to Clarify Emergency Situations Where Police Don’t Need Warrant
  • Stewart Baker vs. Orin Kerr on “The Digital Fourth Amendment”
  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.