TicketNews has learned that The Shubert Organization – one of the largest operations in theatre both on and beyond Broadway – has suffered a data breach, including customer email addresses, names, and credit card numbers and expiration dates.
At this time, it is unclear whether this is a limited-scale breach involving a handful of accounts, or a wider breach that could affect the organization’s foundation or ticketing operations – which includes ownership of Telecharge as well as secondary market operations like Entertainment Benefits Group. An email request for details on the breach sent to a media relations executive for the company Tuesday morning has not yet received a response.
Affected customers have been contacted via a letter providing notice of the breach, one of which was forwarded to TicketNews. The letter detailed what Shubert knows regarding the breach, and that it is providing 24 months of credit monitoring services through TransUnion Interactive system. It also included information on “Steps You Can Take to Protect Against Identity Theft and Fraud.”
Per the letter, the company became aware of “unusual activity related to an employee’s email account” on or about February 11 of this year. An investigation revealed “unauthorized access to some employees’ email accounts” that took place between February 8 and 11 prior to it being detected.
“While the investigation was unable to confirm the scope of the information that was accessed within the affected email accounts, Shubert is notifying you in an abundance of caution because we have confirmed that your information was present in the affected email accounts.”
For whatever number of consumers the breach could affect, the letter indicates that their investigation concluded in mid-March that “information present in the affected email accounts includes your name, credit card number and credit card expiration date.”
We will update this story with more information as it becomes available.