Hacks are often seen as nothing personal, whether it’s data breaches or cyber-attacks in the corporate world.
But what if things aren’t always like that? What if your competitors deliberately use your ex-employees to hack you?
Well, this is precisely what the ticket distribution company Ticketmaster did.
Let’s see how that went.
A $10 million criminal fine
In January 2020, Ticketmaster admitted it hacked one of its competitors, CrowdSurge.
The hacking allegations were first reported in 2017 after CrowdSurge sued Live Nation, Ticketmaster’s parent company, for antitrust violations. According to court documents, Live Nation had hired a former CrowdSurge employee in 2013 and used his knowledge to access CrowdSurge’s systems.
At the time, Ticketmaster executives encouraged him to turn over his old employer’s secrets, including login details for analytics software. This offered them an in-depth overview of CrowdSurge’s operations and business strategies.
Besides providing login credentials, the former employee also showed Ticketmaster managers how to exploit a flaw in the URL generation scheme the rival used for unpublished ticketing webpages.
The whole gimmick lasted until 2015 when Ticketmaster lost access to CrowdSurge’s systems.
Further, Ticketmaster’s employees brazenly held a division-wide ‘summit’ at which the stolen passwords were used to access the victim company’s computers as if that were an appropriate business tactic. Today’s resolution demonstrates that any company that obtains a competitor’s confidential information for commercial advantage, without authority or permission, should expect to be held accountable in federal court.Seth D. DuCharme, Acting United States Attorney for the Eastern District of New York
The hack impacted the business. As of 2016, ticket resale was Ticketmaster’s fastest-growing business.
Ticketmaster also made a statement about the employees responsible for the hack:
Ticketmaster terminated both Zaidi and Mead in 2017, after their conduct came to light. Their actions violated our corporate policies and were inconsistent with our values. We are pleased that this matter is now resolved.
In 2018, Ticketmaster accepted a $110 million settlement in their antitrust lawsuit. And now, another $10 million as a criminal fine for breaking into a competitors’ network.
Hacking the competition
A competitive advantage is something that makes you stand from your competition.
Whether your products are more desirable, more affordable, or maybe even trendier, you always need to balance bringing something new to the table and customers’ needs.
But the truth is that there’s always the option to steal ideas from your competitors.
Is it ethical? No.
Is it easier? Yes.
Intellectual property, proprietary designs, financial reports, personnel information, customer data; all of them can make a difference. And companies like Apple, Lego, Oreo, Uber, Jack Daniel’s, and so many others have been slammed with lawsuits for allegedly stealing ideas from competitors.
It’s such a dog-eat-dog world that company-on-company hacks are getting more commonplace, like data breaches.
Mercedes sued a Ferrari-Bound F-1 engineer over data theft, leaked Ashley Madison emails suggest their executives hacked competitors, and even The Astros’ latest data breach is believed to have been caused by another football team.
It’s as if hacking has become a business for organizations and cybercriminals alike.
Do you think companies will start acting more like cybercriminals? And will the authorities enact new legislation to regulate the field better?
Let me know your thoughts in the comment section below.
Until next time, stay safe and secure!