The giant online ticketing emporium, Ticketmaster, was the victim of a massive data breach which was a result of numerous failures – including the monitoring of subcontractors. The hack, according to Wired Magazine, was identified by Monzo, the start-up app-based banking service, who noticed a correlation between fraudulent activity and Ticketmaster purchases. Yet, when the company approached Ticketmaster, the giant ticketing platform did nothing. The ICO is investigating and has released a statement:

“Organisations have a legal duty to ensure that people’s personal information is held securely. We have been made aware of an issue concerning Ticketmaster and will be making enquiries. We will look at when the incident happened and when it was discovered as part of our work and this will inform whether it is dealt under the 1998 or 2018 Data Protection Act.”

Depending on when the company discovered this breach, the company that made $1.8 billion in revenues could be hit by a massive GDPR fine, yet if the breach was discovered before the GDPR came into effect, the net fine could be minimal.