MSG Entertainment Investigates Data Breach Impacting Customer Personal Information
New York-based Madison Square Garden Entertainment Corp. (MSG Entertainment) is under investigation following a data breach discovered on December 16, 2025, that exposed sensitive customer information. The incident stemmed from a vulnerability in the Oracle eBusiness Suite, hosted by a third-party vendor, which was exploited by hackers as early as August 2025.
The breach potentially compromised names, addresses, and Social Security numbers of affected individuals. MSG Entertainment has since begun notifying impacted customers via mail.
Edelson Lechtzin LLP, a national class action law firm, is leading an investigation into potential legal claims on behalf of those whose data was exposed. The firm specializes in data privacy litigation and is evaluating remedies for affected parties.
MSG Entertainment operates high-profile venues, including Madison Square Garden, Radio City Music Hall, the Beacon Theatre, and the Chicago Theatre. The full scope of the breach and the number of individuals affected remain under review.
Oracle cybersecurity rating report: https://www.rankiteo.com/company/oracle
Madison Square Garden Entertainment Corp. cybersecurity rating report: https://www.rankiteo.com/company/msg-entertainment
"id": "ORAMSG1772238496",
"linkid": "oracle, msg-entertainment",
"type": "Vulnerability",
"date": "12/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Entertainment, Venue Management',
'location': 'New York, USA',
'name': 'Madison Square Garden Entertainment Corp. '
'(MSG Entertainment)',
'type': 'Corporation'}],
'attack_vector': 'Third-party vendor vulnerability',
'customer_advisories': 'Notification via mail to affected customers',
'data_breach': {'personally_identifiable_information': 'Names, addresses, '
'Social Security '
'numbers',
'sensitivity_of_data': 'High (Social Security numbers, names, '
'addresses)',
'type_of_data_compromised': 'Personal Information'},
'date_detected': '2025-12-16',
'description': 'MSG Entertainment is under investigation following a data '
'breach discovered on December 16, 2025, that exposed '
'sensitive customer information. The incident stemmed from a '
'vulnerability in the Oracle eBusiness Suite, hosted by a '
'third-party vendor, which was exploited by hackers as early '
'as August 2025. The breach potentially compromised names, '
'addresses, and Social Security numbers of affected '
'individuals.',
'impact': {'data_compromised': 'Names, addresses, Social Security numbers',
'identity_theft_risk': 'High',
'legal_liabilities': 'Potential class action investigation',
'systems_affected': 'Oracle eBusiness Suite (third-party hosted)'},
'investigation_status': 'Under investigation',
'post_incident_analysis': {'root_causes': 'Vulnerability in Oracle eBusiness '
'Suite (third-party vendor)'},
'references': [{'source': 'Edelson Lechtzin LLP'}],
'regulatory_compliance': {'legal_actions': 'Class action investigation by '
'Edelson Lechtzin LLP'},
'response': {'communication_strategy': 'Customer notifications via mail'},
'title': 'MSG Entertainment Data Breach Impacting Customer Personal '
'Information',
'type': 'Data Breach',
'vulnerability_exploited': 'Oracle eBusiness Suite vulnerability'}