Watch CBS News

UM Warns Ticket Buyers Of Security Breach

ANN ARBOR (WWJ) - University of Michigan officials have contacted over 33,000 customers who bought tickets at the Michigan Union Ticket Office in the last two years because their personal information may have been compromised.

WWJ Newsradio 950's Zahra Huber spoke with University of Michigan spokesman Rick Fitzgerald.

"It was a security breach with the vendor Vendini Inc., that is used by the University of Michigan's Michigan Union Ticket office. So it's not a U of M security breach and it involves many other ticketing outlets across the United States and Canada," Fitzgerald said.

"At the University of Michigan, we decided to take the extra step and notify our customers to make sure they were aware of the situation," Fitzgerald said.

He said U-M officials are now working with the vendor to make sure they understand exactly what happened and to assure that the problem has been solved.

In a statement, Vendini said a full-scale, internal investigation is underway with outside computer forensic and cyber security experts.

"Although our internal investigation is ongoing, we believe that in late March, a third-party criminal actor used hacking technologies to access our databases and may have accessed personal information, such as name, mailing address, email address, phone number, and credit card numbers and expiration dates that belong to our members' consumer-patrons.

"It is important to note we do not collect credit card security access codes (e.g., CVV, CVV2, PINs), information that is typically needed to complete a credit card transaction. Consumer-patron usernames or passwords were not accessed by the intruder." [Read more HERE].

The vendor  is urging anyone who bought tickets from the box office anytime between September of 2011 and April of this year is advised to double-check their bank statements.

View CBS News In
CBS News App Open
Chrome Safari Continue
Be the first to know
Get browser notifications for breaking news, live events, and exclusive reporting.