Royal Bank of Scotland, Natwest fling new bank cards at folks after Ticketmaster hack
Fresh plastic comes six months after ticket flogger fessed up to Magecart malware infection
The Royal Bank of Scotland and NatWest have issued customers with replacement cards as a result of last year’s Ticketmaster breach that hit around 40,000 Brits.
The banks said on social media they were swapping out the plastic used by punters on Ticketmaster's website as part of efforts to ensure “significant levels of security”.
Good evening Emma, we have issued letters to customers who have been affected by this breach, this is a genuine letter from us. Sorry for any confusion caused. PH— Royal Bank (@RBS_Help) January 9, 2019
Hi there Michael. These letters are genuine :) SG— NatWest (@NatWest_Help) January 10, 2019
The letter states that replacement cards are being sent to anyone who used their card at Ticketmaster, noting it is a "precaution" and that in some cases there is no indication that person's information has been accessed.
@TicketmasterUK how comes a letter from my bank telling me they’re sending me a new card is the first I’ve heard about it. Surely you should have contacted me all those months ago to let me know I might be effected by your data breach😡. #ticketmaster #databreach #irresponsible pic.twitter.com/CSVGYY5bWU— ꃅꂦ꒒꒒ꌗßꂦ꒒꒒ꌗ (@BollsHolls) January 9, 2019
In a statement, RBS said: "Our priority is to make sure our customers' data is secure. Following the data breach disclosed by Ticketmaster, we are proactively reissuing cards to all impacted cardholders."
"Ticketmaster directly applied the script to its payments page, without notifying our team. Had we known that script would have been used in that way, we would have advised against it, as it poses a security threat," said Inbenta CEO Jordi Torras.
Ticketmaster said all cards used between February and June 2018, for UK customers, and between September 2017 and June 2018, for international customers, were at risk.
Some 40,000 Brits were estimated to have been hit in the incident, which exposed people's names, addresses, email addresses and payment details.
In December, one Reg reader told us that two of his cards – both of which were linked to his Ticketmaster account – were being used for unauthorised transactions.
The decision by RBS – which is the parent company of NatWest – to replace affected customers' cards, while welcomed by customers, comes about nine months after online banking upstart Monzo took similar action.
When Ticketmaster went public, Monzo piped up to say its internal fraud detection systems had "spotted signs" as early as April, blocking a number of cards that had also been used at Ticketmaster. The firm said it told Ticketmaster and then "proactively replaced the cards of all Monzo customers who could have been affected".®
Sponsored: Becoming a Pragmatic Security Leader