Updated: April 4, 2023
Online ticket services are now available.
April 4, 2023
We are pleased to announce that the UB Student Union Ticket Office is back up and running as normal. You may begin to send in your event/ticket requests as you have done in the past.
Over the last month, UB student governments representatives have worked with the Ticket Office and the UB Information Security Office to ensure the software system that the Ticket Office uses has been properly secured and that all possible threats have been addressed. The recent AudienceView security breach was caused by an employee with credentials who entered a malicious code into the system. This employee no longer works at AudienceView and Mandiant (a third-party remediation vendor) has confirmed that the code is no longer running.
According to the UB Information Security Office, there is little AudienceView could have done in ways of an insider threat and that a rouge employee can introduce this issue. We are happy to know that AudienceView did not have a vulnerability that was exploited or an unpatched system that was taken advantage of.
Because of this, we feel as though there is no valid technical reason not to continue to move forward with the AudienceView software at this time.
I would like to thank you all for your patience and understanding during this incident to ensure that all your personal information was safe and secure.
March 1, 2023
As you may know, the third-party vendor, AudienceView, used by our Student Government Associations to sell tickets through the Student Unions Ticket Office (221 Student Union) experienced a security breach last week, potentially compromising the personal information of customers, including credit card numbers and billing addresses.
This breach has affected a number of other colleges and universities that use AudienceView as a vendor. It should also be noted that customers who bought tickets through the Center for the Arts have not been impacted by this breach, as originally believed.
The vendor is in the process of issuing emails to those potentially impacted; please watch your email for the subject line: Notice of Security Incident, from Campus Student Data.
While the vendor informed the university the breach was limited to those who purchased between Feb. 17 and Feb. 21, the UB Information Security Office
has investigated further and believes the problem could be more widespread. Some UB students who made purchases outside that period of time have reported unauthorized transactions on their accounts.
As a precaution, we are asking all customers who made online purchases through the ticket office since the start of the academic year to monitor their credit or bank statements. If you believe you have been the victim of fraud, please reach out to your financial institution immediately to report your concerns:
In both instances, please ALSO reach out to AudienceView to notify them directly by email at firstname.lastname@example.org.
The vendor will be offering free credit-monitoring services for customers potentially impacted so it's important that you report issues immediately.
In the meantime, officials with the university and student government are reaching out to representatives of AudienceView to determine their next steps for addressing the compromised data and financial loss some students have already incurred.
Out of an abundance of caution, AudienceView has disabled ticketing services until they can determine if the security risk has been eliminated. UB is working with student governments on a temporary solution so students can continue utilizing the ticket office in support of their programs and events. Service with the vendor will not resume until the Student Government Associations are satisfied with their remediation success.
We will keep you informed of further developments as more details become available on this website.
Your student governments,
A meeting with student government leaders was scheduled for Tue. 2/28 to review possible next steps. Additional notification mechanisms: