Ticketmaster has issued a warning to New Zealand customers following a data breach in the UK, despite the security scare only impacting less than five per cent of customers globally.
The online events ticket reseller identified on 23 June malicious software on a customer support product hosted by Spain-based artificial intelligence provider Inbenta Technologies, an external third-party supplier to Ticketmaster.
The malware was exporting UK customers' data to an unknown third-party, the company found.
Customers' personal or payment information may have been accessed that includes name, address, email address, telephone number, payment details and Ticketmaster login details.
Following the breach, Ibenta services have been disabled across all Ticketmaster websites.
"As a result of Inbenta's product running on Ticketmaster International websites, some of our customers' personal or payment information may have been accessed by an unknown third-party," a company statement to customers read.
International customers who purchased, or attempted to purchase, tickets between September 2017 and 23 June 2018 may have been affected, as well as UK customers. However, the company advised that customers in North America have not been affected.
"If you have not received an email, we do not believe you have been affected by this security incident based on our investigations," a company statement added.
"Forensic teams and security experts are working around the clock to understand how the data was compromised. We are working with relevant authorities, as well as credit card companies and banks."
For those customers that have received an email from Ticketmaster, they have been advised to reset passwords.
The warning comes less than 24 hours after New Zealand-based fuel supplier Z Energy revealed that customer data from its Z Card Online database was accessed by a third party in November 2017.
As reported by Reseller News, the database held customer data such as names, addresses, registration numbers, vehicle types and credit limits with the company.
At this stage, Z Energy did not specify the extent to which its customer data had been compromised.
The company said it had notified affected customers and advised the Privacy Commissioner of the breach, with the system in question closed since December 2017.