More than a month after news first broke that hackers had access to the personal data of half a billion Ticketmaster users, the ticketing giant has begun to notify impacted consumers. The Live Nation Entertainment-owned company sent an email to those believed to have been involved in the “data security incident,” as well as publishing information on its website.

“Ticketmaster recently discovered that an unauthorized third party obtained information from a cloud database hosted by a third-party data services provider,” reads the email received by impacted consumers, in part. “Based on our investigation, we determined that the unauthorized activity occurred between April 2, 2024 and May 18, 2024. On May 23, 2024, we determined that some of your personal information may have been affected by the incident. We have not seen any additional unauthorized activity in the cloud database since we began our investigation.”

Ticketmaster says it is “in the process of notifying relevant customers” at this time, but it is unclear how long that process may take. Information accessed included email, phone number, encrypted credit card information and other personal details on the consumer accounts.

“Relevant customers” are being offered a free 12-month identity monitoring service as a part of Ticketmaster’s response to the incident. Impacted consumers do not appear to be satisfied with that response, nor with the fact that it took weeks for notification to go out.

It is unclear why it has taken so long for potentially impacted consumers to be notified. According to a filing with the Maine Attorney General’s office, reported by Complete Music Update, law enforcement wasn’t holding up that process.

The company has confirmed that it will begin notifying customers in Maine on 8 Jul – a delay of more than six weeks. This delay, the letter says, “is not due to law enforcement investigations”, but Ticketmaster is keen for customers to know that it has “been diligently investigating the incident with the assistance of outside experts”, and is “cooperating with federal law enforcement authorities”.

Ticketmaster is already facing legal issues related to the hacking incident. A proposed class action lawsuit has already been filed, accusing the company of failure to implement an “adequate and reasonable” cybersecurity procedure to keep user data secure. The news of the hack broke almost immediately after a massive antitrust lawsuit was filed by the Department of Justice seeking to break Ticketmaster and parent Live Nation up for alleged violations of the Sherman Antitrust Act.

This is not the first time that Ticketmaster has been victimized by a data breach, having seen the personal and payment details of nearly 10 million users accessed in 2018. That led to a £1.25 million fine for the company. Ticketfly, a subsidiary of Eventbrite that was subsequently shut down, suffered a data breach impacting an estimated 27 million users six years ago. See Tickets has also seen a data breach, impacting 300,000 users.

Ticketmaster and other ticketing systems have made themselves a very prominent target for such attacks because event organizers have increasingly relied on massive data-harvesting technology as a part of their operations, requiring the use of their mobile app to access tickets sold for most events. These systems enable ticketing companies to access enormous amounts of user data. This data forms a key pillar of Ticketmaster’s sales pitch to event operators, as it can be shared freely with those event operators, as well as sold on to third parties without further user consent.