On November 13, 2020, the United Kingdom Information Commissioner’s Office (ICO) fined Ticketmaster U.K. Limited £1.25 million, or nearly $1.67 million, over alleged General Data Protection Regulation (GDPR) violations for failure to put “appropriate security measures in place to prevent a cyber-attack on a chat-bot installed on its online payment page.”
The data breach occurred in February 2018, when hackers used malicious code to access the payment data of up to 11 million Ticketmaster customers in Europe and the U.K.