In November 2022, Ticketmaster Entertainment, Inc., an American ticket sales and distribution company, faced a massive influx of traffic on its website, which resulted in problems with ticket sales for Taylor Swift’s upcoming U.S. tour. At the time, this traffic was considered an outcome of an unprecedentedly large number of people wanting to purchase tickets.
However, Joe Berchtold, president of Ticketmaster’s parent company, Live Nation Entertainment Inc., claimed in the Senate Judiciary Committee hearing on Tuesday that Ticketmaster had been attacked by bots.
“We apologize to the fans, we apologize to Ms. Swift, we need to do better and we will do better,” Berchtold said.
According to prepared remarks, as reported by Politico, Berchtold will tell the Senate Judiciary Committee that Ticketmaster was “hit with three times the amount of bot traffic than we had ever experienced, and for the first time in 400 Verified Fan on-sales, they came after our Verified Fan access code servers.”
He emphasized in his remarks that the hackers were not able to illegally obtain any tickets.
“While the bots failed to penetrate our systems or acquire any tickets, the attack required us to slow down and even pause our sales,” Berchtold will say.
Although the culprit behind the attacks has not been identified, Ticketmaster has reported the attack to the Federal Trade Commission and the FBI, who are investigating the incident.
As a result of the merger with Live Nation in 2010, Ticketmaster dominates the marketplace with a 70% market share and over 80% for live concerts, leading critics to pose the argument that the company has no incentive to make changes which offer its customers a positive experience.
Berchtold will oppose these allegations by claiming that the ticketing industry is at the height of its competition. “Ticketmaster has lost, not gained, market share, and every year competitive bidding results in ticketing companies getting less of the economic value in a ticketing contract while venues and teams get more.”
In response to the news, Mark Lamb, CEO of cybersecurity firm HighGround said that “Whether it’s a pop concert or a worldwide pandemic, public events that attract a wide audience will always prompt a surge in cybercrime.”
“Ticketmaster appears to have suffered from a Bot-driven attack where a malicious threat actor used automated attack tools to overflow the website with traffic, with the intention of taking systems offline and disrupting purchases,” added Mark. “With Taylor Swift being such a popular celebrity, the incident has caused negative publicity for Ticketmaster with fans and Swift herself wanting to know what happened and threatening to boycott the site.”
“Event sites must use the incident as a reminder of the importance of focusing on network resilience before ticket sales go live, particularly when events are going to attract a high volume of purchasers. Bot mitigation tools and DDoS protections are two critical elements of this resilience,” Mark warned.
Jack Groetzinger, the co-founder of SeatGeek, a rival of Ticketmaster, said during the hearing that the current ticket sale methods are “antiquated and ripe for innovation.”
“As long as Live Nation remains both the dominant concert promoter and ticketer of major venues in the U.S., the industry will continue to lack competition and struggle,” he said.
In November, Live Nation stated that the reason for its dominant role in the industry is “the large gap that exists between the quality of the Ticketmaster system and the next best primary ticketing system.”
Along with this, Berchtold intends on urging Congress to revise the 2016 BOTS Act to amend loopholes and allow private companies like Ticketmaster to file civil cases against individuals involved in the resale of tickets obtained by bots.
“In this forum where we are here to discuss public policy, we also need to recognize how industrial scalpers breaking the law using bots and cyberattacks to try to unfairly gain tickets contributes to an awful consumer experience,” Berchtold will testify.