64,000 Tomorrowland-goers compromised in data breach
The personal data of tens of thousands of attendees of Tomorrowland 2014 has been compromised in a suspected cyberattack, the festival has confirmed.
Personal information of 64,000 people who bought tickets through Paylogic, including names, email addresses and postcodes, may have been stolen after hackers gained access to an old festival database, although sensitive data such as payment information was not affected, according to Tomorrowland press coordinator Debby Wilmsen
Speaking to Flemish-language daily De Standaard, Wilmsen says the Belgian festival, one of the world’s largest electronic dance music (EDM) events, reported the breach to the Dutch Data Protection Authority before contacting customers.
“The managers of the Paylogic ticketing system noticed some unusual activity on an older system,” she explains. “After careful analysis, it appeared that an old database from Tomorrowland 2014 was responsible. The server in question was immediately taken offline.”
“An old database from Tomorrowland 2014 was responsible. The server in question was immediately taken offline”
“When we were informed about this by Paylogic, we first informed the Data Protection Authority. We then decided to send an email to all affected visitors to inform them.”
The data that was compromised, she adds, “only contains [visitors’] names, email address, gender, age and postal code. The payment details, passwords and addresses of the users are not included.”
In a statement, Paylogic (now owned by France’s Vivendi) says it has “taken all necessary actions” to prevent access to other old databases. “We also continue to invest in the security of our system,” it adds. “This incident only affects Tomorrowland 2014 and not our other customers.”