Massive data leak via online ticket counter service

Around 400,000 visitors to the capital’s zoos are also affected by a serious data leak at a Dutch ticket service provider for zoos and amusement parks. The Berlin Zoological Gardens informed their online visitors about a “data theft” from their Dutch partner Ticketcounter on Friday. Among other things, it concerns data from guests who made bookings in the respective online shops between April 28 and August 5, 2020.

“Unfortunately, your data may also be affected”, quoted the Tagesspiegel from the message of the zoo operator to the users of your card sales on the Internet. “Please rest assured that we will do all we can to ensure that such events do not recur in the future. After all, the security of your data is our top priority.”

On Wednesday the Zoo and Tierpark Berlin had communicated that personal data of around 400,000 guests are expected to have migrated to the network. This is “most likely information about the name, email address and details of the products booked”. The passing on of passwords, telephone numbers, address or date of birth can “definitely be excluded”, since these are not queried in the registration process of the current online shops.

The capital’s zoological gardens urge caution and recommend changing passwords as a precaution “if these can be easily derived from your name and email address”. Zoo and Tierpark Director Andreas Knieriem emphasized: “We immediately informed the data protection authorities responsible for us in Germany about the incident when Ticketcounter informed us about the data theft.” The leak could be fixed, so that nothing stands in the way of the continued operation of the online shops. The ticketing system will be replaced in April, however, and the cooperation with Ticketcounter will then be terminated.

The portal initially found out about the data leak Bleeping Computer reported. Accordingly, a user database with 1.9 million different e-mail addresses has been lost at Ticketcounter. In some cases, telephone numbers, IP addresses, dates of birth, bank account numbers and hashed passwords were also included. Ticketcounter boss Sjoerd Bakker confirmed the incident. He explained that the company had transferred the database to a server belonging to Microsoft’s Azure cloud service in order to test an “anonymization process”. Subsequently, the directory was not adequately backed up.

The database is said to have been offered for sale at short notice in a hacker forum on February 21, according to the report. At the same time, however, you have already found a buyer privately. Bakker said he was blackmailed by the cyber crook on February 22nd. He asked for seven Bitcoin (around 285,000 euros) so that the data would not be leaked. Ticketcounter did not pay, but immediately informed all partners about the incident.

The attacker then made the database freely available via a hacker forum. She was also serving Have I Been Pwned made available and entered there, which users can use to find out whether their e-mail addresses and other information have been affected by a data leak.

Ticketcounter’s partners include zoos, amusement parks, museums and other leisure facilities. Bakker estimates that data from dozens of companies were included in the backup. Passwords have not expired the company assures. The Cologne Zoo, which wants to reopen on March 12th after the lockdown, also uses the service provider for online sales. A spokesman told heise online that Ticketcounter had confirmed to the company that it was not affected by the leak.


To home page