VIDEO: Adele ticket website spits out personal data, and possibly credit card details

Graham Cluley

VIDEO: Adele ticket website spits out personal data, and possibly credit card details

Thousands of fans have been trying to buy tickets for singing sensation Adele’s live concerts, but her website is failing to cope with demand.

Worse still, the site is revealing the personal information of other fans.

Some are reporting that they are even able to see the credit card details of other purchasers – but even if that’s not correct, the leaking of fans’ names and addresses is bad enough.

According to BBC News, the ticketing website is being run by a firm called Songkick, who blamed the problems on excessive demand for Adele tickets:

“Due to extreme load experienced this morning, some of our customers were incorrectly able to preview limited account information belonging to other customers. There’s no evidence that this included credit card numbers or passwords. We take the privacy of our users very seriously, and we’re looking further into the matter to ensure it doesn’t happen again.”

The thing is this – if the website had been built properly in the first place, it shouldn’t have been possible for customers to see the details of other purchasers at all – regardless of whether the site was busy or not.

Check out my latest video for more information, and please consider subscribing to my channel if you would like to see more in future.

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

One Reply to “VIDEO: Adele ticket website spits out personal data, and possibly credit card details”

  1. The way I cope with overly-high demand on our public-facing web server : a simple throttle which checks to see how many requests are pending, and if too many, puts up a screen stating that they try again later when demand abates. These goons look as if they wait for it to crash before they claim there is too much demand! That's cart before the horse if I ever heard of it!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET UPDATES