Home » From The Readers, Letters to the Editor » Local and National Box Office and Online Credit Sales Breach

Local and National Box Office and Online Credit Sales Breach

id theft 6Sedona AZ (June 28, 2013) – The following is a letter to the SedonaEye.com editor sent by Sedona (Arizona) Studio Live President Susie Schomaker advising of a possible credit card security breach.

In addition to Studio Live ticket purchases, please be aware that Vendini provides box-office and online ticketing services to hundreds of entertainment venues, which include tour, casino, sports, and arts organizations across the U.S. and Canada.

Based on Vendini’s records, if you used a credit card to make a purchase for an event that was processed through Vendini’s service, your information may have been involved in this incident.

The letter from Ms. Schomaker is as follows:

Hello all,

I am sending this email to bring to your attention that the Vendini Ticketing company was breached in April of this year. If you had bought tickets to one of our shows before April 25, 2013, it is possible your Name, Mailing Address, email address, phone number, Credit card # and expiration date may have been accessed.

Also, attached below you’ll find an email from the CEO of Vendini with explicit directions and phone numbers to assist you if there was a problem. PLEASE BE SURE TO READ.

We sincerely regret this inconvenience and have been asked to be vigilant and report any issues that appear.

Feel free to contact me if you have any questions.

Sincerely,

Suzie Schomaker
President
Sedona Performing Arts Alliance
928.282.0549
director@studiolivesedona.com
 

id theft 3IMPORTANT INFORMATION. PLEASE READ IN ITS ENTIRETY.

Dear Patron:

We regret to inform you that on April 25, 2013, Vendini, Inc. detected an unauthorized intrusion into its systems. Vendini provides box-office and online ticketing services to hundreds of entertainment venues, which include tour, casino, sports, and arts organizations across the U.S. and Canada. Based on Vendini’s records, if you used a credit card to make a purchase for an event that was processed through Vendini’s service, your information may have been involved in this incident.

If you have already received a letter from Vendini or a Vendini customer (an event venue or organization who uses our ticketing services), this letter concerns the SAME incident and we apologize for any inconvenience. We have been working with our customers for several weeks, and we decided at this point to reach out directly to give you more information about what happened.

We are actively cooperating with federal law enforcement, and this notification to you was delayed to avoid compromising law enforcement’s investigation. In addition, we have been conducting a full-scale internal investigation at Vendini with outside computer forensic and cyber security experts. Although these investigations are ongoing, Vendini believes that in late March, a third-party criminal actor used hacking technologies to access its databases and may have accessed your personal information, such as name, mailing address, email address, phone number, and credit card numbers and expiration dates.

Please note that security access codes – such as the three-digit code that appears on the back of some credit cards (e.g., CVV, CVV2) – and PIN numbers, usernames, passwords, and Social Security Numbers were not affected, as Vendini does not collect and store this type of information.

id theft 4We have implemented enhanced security measures designed to prevent a recurrence of this type of incident. We have cooperated and will continue to cooperate with federal law enforcement, our merchant banks and the credit card companies. In addition, please note the following:

To protect against even the possibility of identity theft or fraud, we urge you to remain vigilant, and to regularly review your credit card account statements and credit reports for any unauthorized activity.

If you suspect that you may be a victim of identity theft or fraud, immediately contact your local law enforcement agency, your State Attorney General’s office and the Federal Trade Commission. We have enclosed a Resources Guide for your reference.

Do NOT respond to any requests for sensitive personal information in relation to this incident. Vendini will never request such information via email or telephone unless it is absolutely necessary to respond directly to you regarding how this incident may impact you.

We sincerely regret this incident. Protecting data privacy and security is a top priority for Vendini, Inc. For more information regarding this incident, please contact Vendini toll-free at 1-800-836-0473 or visit www.vendini.com/info.

Sincerely,

Mark Tacchi

President and CEO

Resources Guide

id theft 2For Residents of Maryland and North Carolina: For information about fraud alerts, security freezes, and steps you can take to protect against identity theft or fraud, contact the U.S. Federal Trade Commission (see contact information below), or as applicable:

Maryland’s Office of the Attorney General: 200 Saint Paul Place, Baltimore, MD 21202; Tel: (410) 576-6300; or Visit: www.oag.state.md.us

North Carolina’s Attorney General’s Office: 9001 Mail Service Center, Raleigh, NC 27699-9001; Tel: (919) 716-6400;

Fax: (919) 716-6750; or Visit: http://www.ncdoj.com

For Residents of Nebraska: The Nebraska Attorney General’s Identity Theft Repair Kit is available online at www.ago.ne.gov/consumer_protection. The Nebraska Attorney General’s Consumer Protection Mediation Center, which provides assistance to Nebraskans with consumer protection and identity theft issues, may be reached at (800) 727-6432 or (402) 471-2682, or by visiting www.ago.ne.gov.

U.S. Federal Trade Commission (FTC): The FTC has helpful information about how to avoid identity theft and other steps that consumers can take to protect themselves.

Write to: Consumer Response Center, 600 Pennsylvania Ave., NW, H-130, Washington, D.C. 20580

Call Toll-Free: 1-877-IDTHEFT (438-4338); or Visit: http://www.ftc.gov/idtheft

Free Annual Credit Report: You may obtain a free copy of your credit report once every 12 months (or purchase or obtain additional copies of your credit report). Call Toll-Free: 1-877-322-8228; or Visit: https://www.annualcreditreport.com; or Contact any one or more of the national consumer reporting agencies:

Equifax: P.O. Box 740241, Atlanta, GA 30374-0241 (800) 685-1111 www.equifax.com

Experian: P.O. Box 2002, Allen, TX 75013 (888) 397-3742 www.experian.com

TransUnion: P. O. Box 1000, Chester, PA 19022 (800) 888-4213 www.transunion.com

“Fraud Alerts” and “Security Freezes”

Fraud Alert – You have the right to place a fraud alert in your file to alert potential creditors that you may be a victim of identity theft. Creditors must then follow certain procedures to protect you; therefore, a fraud alert may delay your ability to obtain credit. An “initial fraud alert” stays in your file for at least 90 days. An “extended fraud alert” stays in your file for 7 years, and will require an identity theft report (usually, a filed police report). You may place a fraud alert by calling any one of the three national consumer reporting agencies:

Equifax: 1-800-525-6285 Experian: 1-888-397-3742 TransUnion: 1-800-680-7289

Security Freeze – Some U.S. states provide the right to place a security freeze on your credit file, which prevents credit, loans and services from being approved in your name without your consent. Using a freeze may delay, interfere with, or prevent the timely approval of any requests you make for new loans, credit mortgages, employment, housing or other services. To place a freeze, you must send a written request to each of the three major consumer reporting agencies (addresses below) with the following (if you are requesting for your spouse, this information must be provided for him/her as well): (1) Full name, with middle initial and any suffixes; (2) Social Security Number; (3) Date of Birth; (4) Current address and any previous addresses for the past several years; and (5) Any applicable incident report or complaint with a law enforcement agency or the Registry of Motor Vehicles or other complaint concerning identity theft; (6) A copy of a government-issued identification card and (7) A copy of a recent utility bill or bank or insurance statement for proof of current address. Copies of documents must be legible, display your name and current mailing address, and the date of issue. The credit reporting agencies have three (3) business days after receiving your request to place a security and must send you send written confirmation to you within five (5) business days and provide you with a unique personal identification number (PIN) or password, or both that can be used by you to authorize the removal or lifting of the security freeze. There are also procedures for lifting and removing a freeze. The credit reporting agency may charge a fee up to $5.00 to place, lift, and/or remove a freeze, unless you are a victim of identity theft and you have submitted a valid police report to the credit reporting agency. Do not send cash through the mail.

Equifax Security Freeze: P.O. Box 105788, Atlanta, Georgia 30348 (www.equifax.com)

Experian Security Freeze: P.O. Box 9554, Allen, TX 75013 (www.experian.com)

TransUnion (Fraud Victim Assistance Division): P.O. Box 6790, Fullerton, CA 92834-6790 (www.transunion.com)

For the best in Arizona news and views, read www.SedonaEye.com daily!

For the best in Arizona news and views, read www.SedonaEye.com daily!

7 Comments

  1. Sherie Mercier, Pastor in Prescott AZ Liked and shared this article on Facebook saying “Thx for the info!”

  2. Good day. I wanted to mention we very much appreciated this information. Its result for us was to investigate a ticket purchase made in Branson MO after a vacation. Friends forwarded this to us after friends of theirs did the same for them. The speed of information is remarkable. If you will subscribe these email addresses at (deleted by editor) and (deleted by editor) we will pass this information forward to friends and family. Quite nice!

  3. N. Baer says:

    Everyone take note, a “hack” is now called a “breach.” Now doesn’t that make you feel better about the fact that your personal identification and credit card information is somewhere floating around the world’s wireless networks?

  4. Tom says:

    good call & you’re right n. baer because words matter

  5. Not only breaching over wireless but data collecters (wireless carriers)immume from prosecution. This is applicable to smart meter data collection over cell tower wireless too.

    http://whyfry.org/u-s-court-upholds-telecom-immunity-to-surveillance-on-americans/

  6. Ridiculous that the courts upheld the above and why aren’t we told? I’d go so far to say that the government has run to ground. I’m a retired state employee. Never have I seen such mismanagement because of the low quality of employees in the past decade or two. Unqualified managers being promoted hiring unqualified new employees and that’s got nothing to do with color and lots to do with culture. My mother worked during the war and instilled in us high values and good work ethics after my father died in a car crash and left her with four young children and no income. We went to work early and we’re better for it. If you think that my words are racist than hear me say I’m a minority. If that makes a difference listening to me you’re the racist and you’re the problem now.

  7. I get emails from companies that say I have an account and ordered something, liars and cheats everywhere. If they don’t use my credit cards guess there’s nothing you can do about it.

Leave a Reply

Copyright © 2008-2015 · Sedona Eye · All Rights Reserved · Posts · Comments · Facebook · Twitter ·