VIDEO: Adele ticket website spits out personal data, and possibly credit card details


Thousands of fans have been trying to buy tickets for singing sensation Adele’s live concerts, but her website is failing to cope with demand.

Worse still, the site is revealing the personal information of other fans.

Some are reporting that they are even able to see the credit card details of other purchasers - but even if that’s not correct, the leaking of fans’ names and addresses is bad enough.

According to BBC News, the ticketing website is being run by a firm called Songkick, who blamed the problems on excessive demand for Adele tickets:

Due to extreme load experienced this morning, some of our customers were incorrectly able to preview limited account information belonging to other customers. There’s no evidence that this included credit card numbers or passwords. We take the privacy of our users very seriously, and we’re looking further into the matter to ensure it doesn’t happen again.”

The thing is this - if the website had been built properly in the first place, it shouldn’t have been possible for customers to see the details of other purchasers at all - regardless of whether the site was busy or not.

Check out my latest video for more information, and please consider subscribing to my channel if you would like to see more in future.

Tags: , , ,

Share this article:

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , ,

One Response

  1. graphicequaliser

    December 2, 2015 at 10:18 am #

    The way I cope with overly-high demand on our public-facing web server : a simple throttle which checks to see how many requests are pending, and if too many, puts up a screen stating that they try again later when demand abates. These goons look as if they wait for it to crash before they claim there is too much demand! That’s cart before the horse if I ever heard of it!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.