Inbenta
Inbenta chatbot script compromised, hit Ticketmaster.
A third-party chatbot script provided by Inbenta Technologies to Ticketmaster UK (and potentially others) was compromised by attackers (Magecart group). Malicious JavaScript skimming code was injected into the legitimate script, allowing theft of payment card details and PII from users on Ticketmaster's payment pages where the widget was active.
- Date
- 2018-02-10 to 2018-06-23
- Category
- Commercial
- Target Surface
- Distribution
- Insertion Phase
- distribution
- Impact
- Skimming
- Cause
- Vendor compromise
What Was Affected
Package
Inbenta
ComponentLibrary
Artifact typesource archive
Domain typeproject download host
Domain
Inbenta Technologies
Compromised Versions
- Specific customized JavaScript provided by Inbenta to Ticketmaster, active Feb-June 2018
Incident Context
- Motive
- Financial gain
- Attribution
- Cybercriminal group
- Transitive
- No
- User Impact
- 40000
- Observed Duration
- 133 days
Evidence
Compromised Artifacts
- A customized JavaScript file provided by Inbenta to Ticketmaster, which was compromised and served on Ticketmaster's payment pages between February and June 2018.
Current Artifacts and Analysis
Source Data
Source record: proprietary/inbenta/meta.yaml