Hundreds of attendees at a Canterbury music festival have been caught up in a privacy breach after pre-sale reminders were sent to the wrong recipients.
The emails, which are sent out to remind people to purchase tickets to the Rolling Meadows music festival, were mistakenly sent to the wrong recipients, revealing personal information.
The incorrect information included a full name, email address, mobile number, postcode, ticket type and quantity, an order identification number, and the last four digits of the payment card, as well as the expiry month and card type.
The incorrect information included the last four digits of the payment card, as well as the expiry month and card type.
In some cases, recipients were able to view details of another customer鈥檚 ticket order through the included link.
The festival, which draws up to 7000 people, has been a two-day music festival held in Waipara, North Canterbury, for four years, hosting a variety of acts on December 30 and 31.
Rolling Meadows and the global ticketing company, Flicket, confirmed the error was caused by a fault within Flicket鈥檚 system.
Flicket provided a statement to the Herald reiteratiung the fact Rolling Meadows was not responsible for the breach, which was identified shortly after midday yesterday.
The statement said the breach had resulted in 310 reminder emails being sent to the wrong recipients.
It read:
鈥淲e want to stress that at no time were full payment card numbers, CVV/security codes, account passwords, login credentials exposed, or tickets.
鈥淎s soon as the issue was detected, we acted quickly to contain it.
鈥淭his included immediately pausing the affected email sends, disabling all impacted links, rolling order IDs to prevent any further access, and deploying an error page requiring customers to log in to view their correct order details.
鈥淥ur engineering team has fully resolved the issue and added safeguards to prevent this from happening again.
鈥淥nly 206 of the incorrect emails were opened, and approximately 50 affected customers have contacted our support team.鈥
Festival attendees can also authorise the ticket to be purchased automatically and receive a reminder about this.
The statement noted that despite the low-level breach, the company would self-report to the Privacy Commission and reach out directly to affected customers.
鈥淲e sincerely apologise to our customers for this error and for any distress or concern it may have caused,鈥 it said.
鈥淧rotecting personal information is a responsibility we take extremely seriously, and we deeply regret that this incident occurred.鈥
The breach comes after the festival announced it would be moving from Waipara, about an hour north of Christchurch, to Bottle Lake Forest, on the outskirts of the city.
It announced it would be expanding from two to three days.
The festival will introduce a New Zealand artists-only night on December 29, which will double as a campers-only night.
The 2024 Rolling Meadows was headlined by American rapper Wiz Khalifa, English pop star Natasha Bedingfield and drum and bass act Hybrid Minds.
Take your Radio, Podcasts and Music with you
Get the iHeart App
Get more of the radio, music and podcasts you love with the FREE iHeartRadio app. Scan the QR code to download now.
Download from the app stores
Stream unlimited music, thousands of radio stations and podcasts all in one app. iHeartRadio is easy to use and all FREE
