The Metropolitan Opera, also known as “The Met,” was hit by a cyberattack in December 2022 that resulted in the sensitive personal information of over 45,000 people being accessed by hackers.
The information stolen included names, financial account details, tax identification numbers, Social Security numbers, payment card information, and driver’s license numbers.
It is unclear whether the information stolen was related to customers or employees, and the organization did not respond to requests for comment on whether it was a ransomware attack.
Following the cyberattack, The Met offered one year of free identity monitoring services from Kroll to victims, and provided information on how they could place fraud alerts or security freezes on their credit files.
The FBI was contacted after the attack was announced, and third-party specialists conducted an investigation into the incident. The organization’s network systems, including the website, box office, and call center, were impacted, and it was unable to process new ticket orders or provide exchanges and refunds for several weeks.
The Snatch ransomware gang claimed responsibility for the attack on March 1, 2023. The group has previously targeted the government of Modesto, California, a large school district in Wisconsin, and Swedish automaker Volvo.
The incident highlights the growing threat of cyberattacks against organizations and the need for robust security measures to protect sensitive personal information.
