Two major UK high street banks have started to send out replacement cards for some of their customers, nine months after one lender reported fraudulent activity to Ticketmaster.
Customers of NatWest and RBS have taken to social media to vent their frustration over the way the incident has been handled.
Some complained that this is the first they’ve heard of the breach, which Ticketmaster reported in June and is believed to have affected in the region of 40,000 UK customers.
Others wanted to know if the letter sent by their bank was genuine.
“During 2018 Ticketmaster announced that they suffered a data breach between September 2017 and June 2018, which included data for some of our customers because of this we are replacing all customer debit and credit cards that may have been compromised by this breach,” explained a Twitter response to one such query by NatWest.
The banks claim they are issuing the replacement cards as a precaution, so there’s no confirmation that details were definitely accessed in the incident.
However, the lengthy delay in responding to the breach comes in stark contrast to banking start-up Monzo which requested Mastercard to issue replacement cards for all affected customers back in April last year.
In fact, the bank wrote in a blog post that it had initially contacted the ticketing giant to inform it of a potential breach, a warning that appeared to have gone unheeded for nearly two months.
Breaches are often first detected by banks as they’re able to analyze fraud patterns on customer cards to pinpoint a merchant they have in common.
The breach itself was the result of digital skimming code known as Magecart being seeded into software provided by a third-party developer Inbenta Technologies.
The latter claimed that Ticketmaster had implemented it incorrectly on its payments page.
“We were unaware of this, and would have advised against doing so had we known, as it presents a point of vulnerability,” it said at the time.
It’s unclear how many RBS and NatWest customers have experienced fraud as a result of the Ticketmaster breach, although card details from other Magecart breaches at BA and Newegg were spotted for sale on dark web sites just a week later.
This would seem to highlight the need for a speedy response from all parties in such cases, including the breached firm and relevant banks/card providers.