Quantcast
Get breaking news alerts via email

Click here to manage your alerts
This June 4, 2014 photo shows a $90 U.S. dollar FIFA ticket for the Spain vs. Chile World Cup game, bought by a fan on Stubhub.com, a website that connects buyers and sellers, for $775 U.S. dollars, in San Juan, Puerto Rico. Thieves hacked into the ticket-reselling site and fraudulently bought tickets using others' accounts. (AP Photo)
NYC official: Thieves got into 1K StubHub accounts
Online fraud » Six indicted for using accounts to fraudulently buy tickets to prime events.
First Published Jul 23 2014 08:54 am • Last Updated Jul 23 2014 03:17 pm

New York • Six people were indicted Wednesday in an international ring that managed to take over more than 1,000 StubHub users’ accounts and fraudulently buy tickets to such prime events as Jay-Z and Elton John concerts, a New York Yankees-Boston Red Sox game and Broadway shows like "The Book of Mormon," the Manhattan district attorney said.

Manhattan District Attorney Cyrus R. Vance Jr. said the thieves would then resell the tickets and split up the proceeds.

Join the Discussion
Post a Comment

"Today’s arrests and indictment connect a global network of hackers, identity thieves and money-launderers who victimized countless individuals," Vance said at Wednesday’s news conference.

He said investigators pored over more than 1,600 compromised accounts to trace the accused thieves via Internet protocol addresses, PayPal accounts, bank accounts and other financial accounts around the world.

Money stolen in the scheme, in ticket value, was at least $ 1.6 million, he said.

In addition to the six people indicted in the New York City case, four others have been arrested internationally: three in London and one in Toronto, under charges in their respective countries, Vance said.

StubHub said it was alerted to "a small number of accounts that had been illegaly taken over by fraudsters" last year and the online ticket seller began working with authorities around the world.

StubHub, which is based in San Francisco, said that the thieves didn’t break through its security — rather, they got account-holders’ login and password information from data breaches at other websites and retailers or from key-loggers or other malware on the customers’ computers, spokesman Glenn Lehrman said.

"It is important to note, there have been no intrusions into StubHub technical or financial systems," Lehrman said.

"We are pleased to be able to play a role in this effort as part of StubHub’s continuing commitment to maintaining safe and open markets for fans to buy and sell tickets."


story continues below
story continues below

The company detected the unauthorized transactions last year, contacted authorities and gave the affected customers refunds and help changing their passwords, he said.

StubHub, owned by eBay Inc., is the leading digital marketplace for reselling concert, sports, theater and other tickets, offering brokers and fans a way "to buy or sell their tickets in a safe, convenient and highly reliable environment," as its website pledges. The company, which serves as an official secondary ticket market for such entities as Major League Baseball, this spring unveiled plans to become an event producer itself, selling tickets to a handful of its own concerts.

In the last few years, major companies such as Target, LinkedIn, eBay and Neiman Marcus have been hacked. Target, the nation’s second-largest discounter, acknowledged in December that data connected to about 40 million credit and debit card accounts was stolen as part of a breach that began over the Thanksgiving weekend. Even Goodwill Industries Inc. found itself announcing last month that shoppers’ payment card data might have been stolen.

Ticket-sellers also have been targeted. The event ticketing service Vendini recently settled a class action lawsuit related to a data breach in 2013.

Since many people use the same passwords at multiple retailers, hackers who get hold of a password for one site often try it at another, Lehrman said.

Authorities generally advise consumers to protect against possible identity theft from such breaches by keeping close watch on their bank statements and using credit card monitoring services, among other tips.



Copyright 2014 The Salt Lake Tribune. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Top Reader Comments Read All Comments Post a Comment
Click here to read all comments   Click here to post a comment


About Reader Comments


Reader comments on sltrib.com are the opinions of the writer, not The Salt Lake Tribune. We will delete comments containing obscenities, personal attacks and inappropriate or offensive remarks. Flagrant or repeat violators will be banned. If you see an objectionable comment, please alert us by clicking the arrow on the upper right side of the comment and selecting "Flag comment as inappropriate". If you've recently registered with Disqus or aren't seeing your comments immediately, you may need to verify your email address. To do so, visit disqus.com/account.
See more about comments here.
Staying Connected
Videos
Jobs
Contests and Promotions
  • Search Obituaries
  • Place an Obituary

  • Search Cars
  • Search Homes
  • Search Jobs
  • Search Marketplace
  • Search Legal Notices

  • Other Services
  • Advertise With Us
  • Subscribe to the Newspaper
  • Access your e-Edition
  • Frequently Asked Questions
  • Contact a newsroom staff member
  • Access the Trib Archives
  • Privacy Policy
  • Missing your paper? Need to place your paper on vacation hold? For this and any other subscription related needs, click here or call 801.204.6100.