Ticketmaster Pays $10 Million USD Criminal Fine for Intrusions into Competitor’s Computer Systems

Ticketmaster has agreed to pay a $10 million fine to resolve charges that it repeatedly accessed without authorization the computer systems of a competitor.  The fine is part of a deferred prosecution agreement that Ticketmaster has entered with the United States Attorney’s Office.

Previously, on October 18th 2019, Zeeshan Zaidi, the former head of Ticketmaster’s Artist Services division, pled guilty in a related case to conspiring to commit computer intrusions and wire fraud based on his participation in the same scheme.  Both cases are assigned to U.S. District Judge Margo K. Brodie.

Seth D. DuCharme, Acting United States Attorney for the Eastern District of New York, and William F. Sweeney, Jr., Assistant Director-in-Charge of the Federal Bureau of Investigation’s New York Field Office, made the announcement.

“Ticketmaster employees repeatedly – and illegally – accessed a competitor’s computers without authorization using stolen passwords to unlawfully collect business intelligence,” stated Acting U.S. Attorney DuCharme.  “Further, Ticketmaster’s employees brazenly held a division-wide ‘summit’ at which the stolen passwords were used to access the victim company’s computers, as if that were an appropriate business tactic.  Today’s resolution demonstrates that any company that obtains a competitor’s confidential information for commercial advantage, without authority or permission, should expect to be held accountable in federal court.”

“When employees walk out of one company and into another, it’s illegal for them to take proprietary information with them. Ticketmaster used stolen information to gain an advantage over its competition, and then promoted the employees who broke the law. This investigation is a perfect example of why these laws exist – to protect consumers from being cheated in what should be a fair market place,” stated FBI Assistant Director-in-Charge Sweeney.

According to Ticketmaster’s admissions and publicly filed court documents, Ticketmaster, a wholly owned subsidiary of Live Nation Entertainment, Inc. (Live Nation), was primarily engaged in the business of selling and distributing tickets to events and concerts.  The victim company offered artists the ability to sell presale tickets – sold in advance of general ticket sales – on an online ticketing platform.  It also offered artists an Artist Toolbox (the Toolbox), which was a password-protected app that provided real-time data about tickets sold through the victim company. 

Instrumental to the criminal scheme was Coconspirator-1, a former senior employee of the victim company, who worked in the company’s Brooklyn, New York offices from approximately May 2010 to July 2012.  In approximately July 2012, Coconspirator-1 signed a separation agreement with the victim company, in which he agreed to maintain the confidentiality of that company’s confidential information.  He then joined Live Nation in approximately August 2013.

In November 2013, while employed by Live Nation, Coconspirator-1 shared with Zaidi and another Ticketmaster employee the URLs for draft ticketing web pages that the victim company had built for an artist, but had not disseminated to the public.  In response to a Ticketmaster executive explaining that the goal was to “choke off [victim company]” and “steal back one of [victim company]’s signature clients,” Coconspirator-1 offered that Ticketmaster could “cut [victim company] off at the knees” if they could win back presale ticketing business for a second major artist that was a client of the victim company.

Under the terms of the deferred prosecution agreement, Ticketmaster will pay a criminal penalty of $10 million and will maintain a compliance and ethics program designed to prevent and detect violations of the Computer Fraud and Abuse Act and other applicable laws, and to prevent the unauthorized and unlawful acquisition of confidential information belonging to its competitors. 

Ticketmaster will also report to the United States Attorney’s Office annually during the three-year term of the agreement regarding these compliance measures.  If the Company breaches the agreement, it will be subject to prosecution for the charges in the criminal information that was filed today, charging the Company with one count of conspiracy to commit computer intrusions, one count of computer intrusion for commercial advantage, one count of computer intrusion in furtherance of fraud, one count of wire fraud conspiracy and one count of wire fraud.

Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: