Ticketmaster pays $10M fine for accessing competitor's online systems

A Songkick ex-employee brought stolen passwords and URLs to Ticketmaster, the Justice Department says.

Corinne Reichert Senior Writer
Corinne Reichert (she/her) grew up in Sydney, Australia and moved to California in 2019. She holds degrees in law and communications, and currently writes news, analysis and features for CNET across the topics of electric vehicles, broadband networks, mobile devices, big tech, artificial intelligence, home technology and entertainment. In her spare time, she watches soccer games and F1 races, and goes to Disneyland as often as possible.
Expertise News, mobile, broadband, 5G, home tech, streaming services, entertainment, AI, policy, business, politics Credentials
  • I've been covering technology and mobile for 12 years, first as a telecommunications reporter and assistant editor at ZDNet in Australia, then as CNET's West Coast head of breaking news, and now in the Thought Leadership team.
Corinne Reichert
2 min read

Ticketmaster will pay $10 million for accessing Songkick's online pre-sales systems without authorization.

Live Nation

Ticketmaster will pay a $10 million criminal fine for repeatedly accessing the computer systems of one of its competitors without authorization. The online ticketing company agreed to the fine after being charged with five counts of computer intrusion and fraud by the US Attorney's Office for the Eastern District of New York, the Justice Department said Wednesday.

Ticketmaster employees used stolen passwords to access Songkick's systems to "unlawfully collect business intelligence," said Seth DuCharme, acting US attorney for the Eastern District of New York. The tactic was also promoted at a Ticketmaster summit for employees, the Justice Department said.

Read more: Stimulus payments will begin to arrive 'tonight': When the IRS will send your second check

The stolen passwords were obtained by an ex-employee of Songkick in 2014, according to the Justice Department. The passwords were used to gain access to the company's "Artist Toolbox," which contained real-time information about pre-sale tickets being sold for specific artists.

The ex-employee also provided Ticketmaster with Songkick's internal and confidential financial documents, after which he was promoted and given a pay raise, the Justice Department said.

"Ticketmaster used stolen information to gain an advantage over its competition, and then promoted the employees who broke the law," William Sweeney Jr., assistant director-in-charge of the FBI's New York Field Office, said in a statement.

By knowing the sequential system Songkick used to number its URLs for these hidden web pages, the ex-employee also helped Ticketmaster maintain a spreadsheet with every artist Songkick was working with on pre-sales. Ticketmaster could then contact those artists and try to persuade them to sell tickets through Ticketmaster instead of the Songkick, the Justice Department said.

As well as the $10 million fine, Ticketmaster must also institute a compliance and ethics program to detect and prevent violations of the Computer Fraud and Abuse Act.

As part of the scheme, Zeeshan Zaidi, the former head of Ticketmaster's Artist Services division, pleaded guilty to conspiring to commit computer intrusions and wire fraud back in October 2019. 

"Ticketmaster terminated both Zaidi and [Stephen] Mead [the Songkick ex-employee] in 2017, after their conduct came to light," a Ticketmaster spokesperson told CNET. "Their actions violated our corporate policies and were inconsistent with our values. We are pleased that this matter is now resolved."

Sources with knowledge of the siutation told CNET that no one above Zaidi -- who was Mead's boss -- knew about the practice.

The case was the subject of a civil settlement in January 2018, which saw Ticketmaster's parent company Live Nation acquire Songkick's ticketing commerce platform, anti-scalping algorithm, APIs and patents.