No word yet if Ticketfly falls under GDPR rules—the company primarily deals with events in the United States, so it is uncertain whether it has EU customers—but the official statement does not include the term “data breach.” Rather, it refers to the attack as a “cyber incident” and notes the information of its customers was accessed.
Was this terminology incidental? Probably not. The words we use in regard to cybersecurity are important, especially now with GDPR.
via Language Matters When It Comes to a Data Breach – Security Boulevard.
