Ticketmaster: Sorry still seems to be the hardest word
At 1527 on Saturday, I received an email from ticketweb.co.uk, the direct email domain used by Ticketmaster, indicating that there was action required, and that I should update my PDF application.
It was clear to me that it was spam and that their systems had been compromised. So I ignored it.
The following morning at 0446, I received an “urgent alert”. It was from the same email account but it was clear that this was a genuine email explaining the bogus nature of the prior email. After explaining that their email marketing system had been exposed to unauthorised access, it rounded off with the following paragraph.
We sincerely regret any inconvenience this has caused. We are continuing to investigate this unauthorised access, and will send you a follow-up email when we have additional information.
At 0110 this morning, I received a “second important message from Ticketweb” (clearly undervaluing all of its marketing efforts to date). It gave more detail about the original compromise, explaining that if people had clicked the link therein and had entered their card details as requested, they should contact their card provider to stop the card. This time, its sign-off read as follows:
We sincerely regret any concern that may have been caused by this incident and we can assure you we took immediate action to close the unauthorised access as soon as it was identified. TicketWeb UK takes the security of your data in our systems very seriously and will be liaising with the Information Commissioner’s Office in relation to this unauthorised system access.
I am glad that they are regretful. But I feel a sense of loss. A sense of loss at their unwillingness to apologise. The word “sorry” doesn’t appear, nor the word “apologise”. (I first wrote about my issue with companies’ inability to say sorry here back in November 2008.)
I’m not sure of the legal implications of apologising – I assume there are some. But if the security of our data is taken very seriously by TicketWeb UK (a company that Ticketmaster acquired back in May 2000), then surely a direct apology is in order.