Protecting customers from the Ticketmaster Breach: Monzo's story

Our story from behind the scenes:

I just want to say thanks!

I received the email regarding the data breach from Ticketmaster, and have been going through and changing passwords where necessary (I know, I know, they should all be different, but occasionally I get lazy!). I hadn’t even considered requesting a new bank card - instead just keeping an eye on my transaction history, which in itself is made easier by the live notifications.

Getting the notification that you will be automatically replacing my bank card, and reading about all of the work you have been doing behind the scenes in regards to spotting the breach before even Ticketmaster had is a huge relief as a customer. I’ve never seen so much transparency from a bank before in regards to issues like these, and it’s wonderful to see you being so proactive by automatically replacing bank cards for people rather than your customers having to request them themselves. If my data was breached, I would have foolishly waited for something to happen before contacting you. You may have potentially saved me a lot of trouble, phew!

I’m not really sure how to sum this up other than - thanks again. Going full Monzo was the best banking choice I have made.

Who needs advertising, when transparency and pro-activeness can prove that Monzo is nothing but a good move for your banking !

This is truly amazing work from Monzo nicely done guys

Are there any implications for Ticketmaster, given they were notified of a breach months ago and failed to follow up on it?

It’s great to see monzos backend is amazing and they have the flexibility of seeing all these trends etc which other banks didn’t seem to be able to catch .

I’m also interested, but they said they did their investigations and found nothing, but the malware was in 3rd party software that they may not have had the access to the code to inspect properly.

Incredible isn’t it - Ticketmaster obviously took an early interest because they sent people over right away, but for whatever reason didn’t believe what they were being told. I imagine they didn’t consider or check/audit the possibility of external scripts being accessed, or if they did the script they checked wasn’t the version delivered to customers (CDN, server farm etc). My guess is that if genuinely no other banks or card issuers had reported a problem, they perhaps suspected Monzo themselves were the source!

I’d love to see that go to court and let someone decide where they failed to spot this. It seems pretty amazing that they didn’t spot it earlier with all the data Monzo had.

As a systems security architect myself, this is an incredibly praiseworthy response from Monzo. Genuinely impressed by this guys, an exceptionally-well handled incident to say the least.

I don’t think that ticketmaster can blame a third party - they are ultimately responsible for the security of their systems.

Impressive work from Monzo

Another reason why Monzo is an amazing company to be with. Proud to be a customer especially as I was someone at risk from this!

Ye I agree, but I was just saying why maybe they couldn’t find the breach when they were notified

Then they need better security people!

I wasn’t affected by this, as I don’t use Ticketmaster, but it’s so good to see how Monzo protects all of us - great work guys and girls.

Companies like Ticketmaster, and other companies, should follow the Monzo way!

Out of interest, why couldnt Monzo publicly present the evidence and say they believed Ticketmaster was the source?

It would be a bit embarrassing for Monzo if that turned out not to be the case
also it would be unfair on Ticketmaster to fram them for something without confirmation.

Isn’t there something about keeping a breach from going public until the originator of the breach has prepared / patches the issue? Or am I thinking of security bugs?

I was affected by this and I would like to thank Monzo for the proactive actions taken - well done financial security team

You’ve made the BBC front page news!

I haven’t had an email from TicketMaster which I guess means they don’t think I was a victim. Not sure that I trust their judgement of that though.