Eventbrite's troubles didn't stop with the May security breach that befell their subsidiary, Ticketfly. The event management and ticketing platform now faces a class action lawsuit on the grounds that they didn't do enough to prevent the attack.
According to a suit filed in Illinois' Cook County Superior Court, Eventbrite "failed to prevent, detect, or otherwise act in a reasonable manner or within a reasonable time." As a result, customers' confidential information was placed at risk. The suit cites incidents of bank fraud and identity theft as direct effects of the breach as users' names, addresses, phone numbers, email addresses and passwords had been accessed by an as-yet-unknown party.
A passage from the complaint reads:
Despite the severity of the Data Breach, Eventbrite failed to reasonably implement a breach notification protocol. Aside from a passive support page and a single Tweet on social media, Eventbrite failed to take measures to alert that their information had been breached.
In addition to calling upon Eventbrite to implement stronger cybersecurity measures moving forward, the suit seeks an undisclosed amount in damages. Neither Eventbrite nor Ticketfly have issued public statements regarding the lawsuit at this time.