TAIT, one of the world's leading live event solutions providers, disclosed a data breach that led to the exposure of personal and financial information stored on a server and on the email accounts of some of its employees.
The TAIT group of companies (Brilliant, Kinesys, Production Glue, Stage Technologies, TAIT UK, and TAIT Navigator) employs over 900 people in 14 office locations around the world and has been a provider of live experience solutions in over 30 countries, on all seven continents.
TAIT "worked on 17 of the top 20 highest-grossing concert tours of all time"  and its client roster includes NASA, Disney, Universal, Nike, Metallica, U2, Microsoft, MTV, The Olympics, Eurovision, The Rolling Stones, AC/DC, and many others.
The data breach was discovered on April 6, 2020, when TAIT noticed that an unauthorized party gained access to one of the company's servers and the email accounts of several TAIT employees.
TAIT immediately took its servers and email systems offline after discovering the incident and hired a cybersecurity company to help investigate the breach.
The following investigation revealed that the attackers initially hacked into the TAIT's servers almost two months earlier, on February 16, 2020.
"TAIT has addressed the security issues resulting in this incident, taking steps such as resetting the login credentials for TAIT’s servers and email system," the company said in a data breach notification.
"Additionally, TAIT conducted a review of its cybersecurity defenses and protocols and has implemented additional safeguards, such as adding multi-factor authentication and deploying endpoint monitoring systems."
After examining the contents of the compromised email accounts and server, TAIT found that the threat actor accessed "names, addresses, email addresses, dates of birth, Social Security numbers and financial account numbers."
Although the company is not aware of any misuse of the exposed information, it urges affected individuals to keep an eye out for fraud or identity theft attempts by reviewing their financial account statements and credit reports for any suspicious activity.
TAIT will also offer free credit monitoring to potentially affected individuals if they call the dedicated call center at 855-917-3540 to sign up.
"TAIT takes data security very seriously and understands the importance of protecting the information it maintains," TAIT Chief Creative Officer Adam Davis said.
"We are working to address this issue and regret any inconvenience this may cause to our valued employees, clients, and vendors."
TAIT Marketing Manager Kierston Powell confirmed that both customers and employees were among the impacted individuals.
Chief Creative Officer Adam Davis also sent BleepingComputer the following statement:
Upon discovering a data security incident, TAIT immediately took steps to investigate and secure its system with the support of a leading cybersecurity firm. To date, TAIT has no reason to believe that any of the information maintained in the server and email accounts was misused. We have implemented additional safeguards, and regret any inconvenience this incident may cause to our valued employees, clients, vendors and suppliers.
Update June 12, 11:29 EDT: Added TAIT statements.