Vivendi Ticketing US LLC, operating as See Tickets US, suffered a prolonged data breach where unauthorized actors potentially accessed customer payment card data over a span of 2.5 years (June 25, 2019 – January 8, 2022). The exposed information included names, addresses, payment card numbers, expiration dates, and CVV numbers—highly sensitive financial details that could facilitate fraud or identity theft. The breach was disclosed publicly on October 24, 2022, long after the initial compromise, raising concerns about delayed detection and response. Given the nature of the stolen data (full payment card details), the incident poses a severe risk of financial fraud, unauthorized transactions, and long-term reputational damage for affected customers. The breach underscores vulnerabilities in payment processing systems and the critical need for robust monitoring to prevent extended exposure of such sensitive information.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-558540
TPRM report: https://www.rankiteo.com/company/eventim-usa
"id": "eve157082025",
"linkid": "eventim-usa",
"type": "Breach",
"date": "6/2019",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Entertainment/Ticketing',
'location': 'United States (California)',
'name': 'Vivendi Ticketing US LLC (d/b/a See Tickets '
'US)',
'type': 'Private Company'}],
'data_breach': {'data_exfiltration': 'Likely (unauthorized access reported)',
'personally_identifiable_information': ['Names',
'Addresses',
'Payment card numbers',
'Card expiration '
'dates',
'CVV numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Payment Card Information '
'(PCI)']},
'date_publicly_disclosed': '2022-10-24',
'description': 'The California Office of the Attorney General reported that '
'Vivendi Ticketing US LLC (d/b/a See Tickets US) experienced a '
'data breach involving potential unauthorized access to '
'customer payment card information between June 25, 2019, and '
'January 8, 2022. The breach included names, addresses, '
'payment card numbers, card expiration dates, and CVV numbers '
'of some customers.',
'impact': {'data_compromised': ['Names',
'Addresses',
'Payment card numbers',
'Card expiration dates',
'CVV numbers'],
'identity_theft_risk': 'High (payment card and PII exposed)',
'payment_information_risk': 'High (full card details including CVV '
'exposed)'},
'references': [{'date_accessed': '2022-10-24',
'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulations_violated': ['Potential violation of '
'California Consumer '
'Privacy Act (CCPA)',
'Potential violation of '
'Payment Card Industry '
'Data Security Standard '
'(PCI DSS)'],
'regulatory_notifications': 'Reported to California '
'Office of the Attorney '
'General'},
'response': {'communication_strategy': 'Public disclosure via California '
'Office of the Attorney General'},
'title': 'Data Breach at Vivendi Ticketing US LLC (See Tickets US)',
'type': 'Data Breach'}