New York City’s Metropolitan Opera, the largest performing arts organization in the U.S., is facing a class action lawsuit.
Why? A whopping 45,094 individuals had their personal data exposed during a cyberattack back on December 6, 2022. Everything from Social Security numbers to financial account info got leaked. It’s like a modern-day opera tragedy but with a lot less singing and a lot more legal jargon.
Deeper dive: This drama kicked off when cybercriminals froze the Met’s website and box office for nine days in December. This was the first time in the Met’s 139-year history that something like this happened, and boy, did they notice. The lead singer in this lawsuit is a former employee, Anthony Viti. He’s making sure the Met hears his voice loud and clear in the Manhattan Supreme Court. The Met did finally spot the breach, and ordered a third-party forensic investigation. What did they find? The cybercriminals had been stealing personal information for months, between September 30 and December 6, 2022.
The plot thickens, though: Like waiting until the final act to reveal the villain, the Met didn’t inform those affected until May 3, 2023 – nearly five months after the data breach.
What’s at stake? While the Met is offering 12 months of identity and credit monitoring services to the affected parties, there are fears that the fallout from this cyberattack could echo for years, even decades. It’s a stark reminder that even venerable institutions like the Met aren’t immune to the threats of the digital age.
Interestingly, the lawsuit alleges that the Met could’ve prevented this data breach if they’d heeded government warnings and installed better security measures. But the Met is hitting back, stating they “strongly believe this case has no merit.”
- Kitchener-Waterloo Symphony Fiasco, Explained - September 25, 2023
- Royal Philharmonic Survey Shows Audiences Want Change - September 18, 2023
- Apple’s Classical Ambitions: Embracing BIS Records and Beyond - September 11, 2023