Our Emergency Incident Response Team is Ready 24/7: CALL NOW (833) 578-1916 >

March 27, 2023

Data Breach of Middlebury College's Third-Party Ticket Vendor Potentially Exposes Hundreds

Middlebury College has suffered a data breach through its third-party vendor, AudienceView, which the college uses for event ticketing. Although the breach initially did not seem to impact anyone affiliated with the college, Middlebury later began to receive reports from students that their credit card information had been stolen.

In response, ticket sales through middlebury.universitytickets.com have been suspended until further notice. AudienceView has also suspended all online sales for all schools due to new security breach concerns.

The breach may have affected personal information such as names, billing addresses, email addresses, phone numbers, and payment information, and occurred between February 17, 2023, and February 21, 2023. For the Feb. 17 to 21 timeframe, AudienceView identified 665 individuals whose information might have been exposed in the breach, 594 college community members, and 71 from the surrounding community.

The college is independently verifying the relevant dates, and Middlebury community members who had purchased tickets at any point last month have been advised to check their accounts for fraudulent activity. The data breach did not affect in-person box office sales or other Middlebury systems.

Middlebury College has announced that its third-party ticket vendor, AudienceView, has experienced a nationwide data breach. On Feb. 23, the vendor notified the school about the breach, which initially administrators were told had not impacted anyone affiliated with the college. However, students soon reported that their credit card information appeared to have been stolen. The college has suspended ticket sales through middlebury.universitytickets.com until further notice. AudienceView has suspended all online sales for all schools, citing new security breach concerns.

AudienceView informed users of the data breach, which has also impacted many higher education institutions, including Worcester Polytechnic Institute and Virginia Tech. In an email to Middlebury community members who may have been affected by the breach, the vendor provided additional information about the incident and advised users to cancel and replace their card as soon as possible. The breach includes personal information such as names, billing addresses, email addresses, phone numbers and payment information.

Interim Assistant Vice President for Information Technology Services (ITS) Chris Norris has encouraged anyone who had purchased tickets at any point last month to check their accounts for fraudulent activity. For the Feb. 17 to 21 timeframe, AudienceView identified 665 individuals whose information might have been exposed in the breach — 594 college community members and 71 from the surrounding community. The breach did not impact in-person Box Office sales or other Middlebury systems, the college clarified.

Middlebury students have reported credit or debit card fraud on their accounts following the AudienceView security breach. The college has paused use of AudienceView, and ticketing for many upcoming events will take place in person at the Box Office. For the time being, other upcoming events will also rely on in-person or phone ticket sales, according to Norris.

How to Protect Yourself Against University Cybersecurity Attacks Similar to the Middlebury AudienceView Breach

As the CEO of Cyber Sleuth Security, a company that specializes in providing cybersecurity solutions to universities, I find this news story highly concerning. The data breach that occurred at Middlebury College's third-party ticket vendor, AudienceView, highlights the vulnerability of universities and their students to cyber attacks.

The fact that hundreds of individuals' personal and financial information may have been exposed in this breach is alarming. It is especially concerning that the breach was not immediately detected by AudienceView and that it took some time for the college to be notified of the incident.

This case underscores the importance of universities taking a proactive approach to cybersecurity, including regularly reviewing and updating their security protocols and ensuring that all third-party vendors are fully vetted and compliant with security standards.

At Cyber Sleuth Security, we work with universities to provide tailored cybersecurity solutions that address their unique needs and vulnerabilities. Our team of experts uses the latest technology and strategies to protect universities from cyber threats and prevent data breaches like the one that occurred at Middlebury College.

We urge universities to take this incident as a warning and to take proactive steps to ensure the security of their students' personal and financial information. The consequences of a data breach can be devastating, both financially and in terms of reputational damage, and it is crucial that universities take cybersecurity seriously.

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Post

Cyber Sleuth Security Icon

Copyright © Cyber Sleuth Security. All Rights Reserved

Privacy Notice
Terms of Use
Cookie Policy
Customer Portal Policy
Accessibility Statement
Information Security
Cookies Settings
menuchevron-down