Ticketmaster Avoids Hacking Prosecution by Paying $10 Million Fine Ticketmaster Avoids Hacking Prosecution by Paying $10 Million Fine
Ticketmaster has entered a plea agreement with federal prosecutors in New York in a case related to its employees illegally accessing a rival companies... Ticketmaster Avoids Hacking Prosecution by Paying $10 Million Fine

Ticketmaster has entered a plea agreement with federal prosecutors in New York in a case related to its employees illegally accessing a rival companies systems to obtain information it used to poach clients and help run it into insolvency. The deal includes a payment of $10 million in fines to put the matter to rest.

“Ticketmaster employees repeatedly – and illegally – accessed a competitor’s computers without authorization using stolen passwords to unlawfully collect business intelligence,” Acting U.S. Attorney Seth DuCharme said Wednesday in a press release.

“Further, Ticketmaster’s employees brazenly held a division-wide ‘summit’ at which the stolen passwords were used to access the victim company’s computers, as if that were an appropriate business tactic.  Today’s resolution demonstrates that any company that obtains a competitor’s confidential information for commercial advantage, without authority or permission, should expect to be held accountable in federal court.”

The rival company in question is CrowdSurge, which operated a fan club-based ticketing rival to Ticketmaster. That company eventually merged with Songkick, which was subsequently purchased in part by Warner Music Group, with the remaining assets being bought by Live Nation Entertainment for over $100 million in order to settle a lawsuit brought by the company alleging the same matters being put to bed in this criminal matter.

A former Crowdsurge employee who took a position at Ticketmaster in 2013 was convinced to share access to back-end systems and proprietary information with his supervisors at Ticketmaster, in order that the Live Nation-owned behemoth could “choke off” the budding competitor, and “steal back” their signature clients, in effect allowing the ticketing giant to “cut [Crowdsurge] off at the knees.”

TicketNews detailed the allegations, including the presence of screenshots and details of CrowdSurge/Songkick’s platforms that couldn’t have possibly come from anywhere outside of illegally obtained inside access in a powerpoint deck shared with senior management, at the time of the initial lawsuit.

“When employees walk out of one company and into another, it’s illegal for them to take proprietary information with them. Ticketmaster used stolen information to gain an advantage over its competition, and then promoted the employees who broke the law. This investigation is a perfect example of why these laws exist – to protect consumers from being cheated in what should be a fair market place,” stated FBI Assistant Director-in-Charge Sweeney.

One Ticketmaster executive involved in the scheme, Zeeshan Zaidi, pled guilty in federal court in October 2019 to one count of conspiring to access protected computers without authorization and to commit wire fraud, according to the deferred prosecution agreement. He has not yet been sentenced in the case.

Ticketmaster, long dogged by allegations of anti-competitive and monopolistic behavior, must maintain clear policies to detect and prevent unauthorized computer intrusion and present annual reports on its conduct for the next three years in addition to the hefty fine.

“Ticketmaster terminated both Zaidi and Mead in 2017, after their conduct came to light,
Ticketmaster told The Verge in a statement. “Their actions violated our corporate policies and were inconsistent with our values. We are pleased that this matter is now resolved.”

How a full three years passed between the powerpoint including proprietary CrowdSurge data being shared with Ticketmaster President Jared Smith, Live Nation Entertainment CEO Michael Rapino, and other senior management, and the termination of these employees remains to be explained.