Rockies Blame Hackers For World Series Ticket Fiasco

Printer-friendly version Email this CRN article

The Colorado Rockies on Tuesday will take another shot at selling World Series tickets online, a day after a team official said its online ticket system was targeted by unknown miscreants.

At noon MT, the Rockies will put up for sale about 60,000 tickets for the team's three World Series games with the Boston Red Sox, scheduled for next week in Denver. As was the case yesterday, fans will have a chance to buy the tickets from the Rockies website.

On Monday, the Rockies were forced to suspend online World Series ticket sales after the team's online ticketing service, which is operated by Irvine, Calif.-based technology provider Paciolan, was brought down by a flood of 8.5 million hits.

Late yesterday, Keli McGregor, Rockies team president, said the outage was the result of a coordinated effort by unknown outsiders. "Our Web site, and ultimately our fans and our organization, were the victim of an external, malicious attack that shut down the system and kept our fans from being able to purchase their World Series tickets," McGregor said in a statement.

Paciolan, which handles the online ticket sales for Colorado and several other Major League Baseball teams, said the system outage affected all its North American customers. TicketMaster in July announced a bid to acquire the Irvine, Calif.-based firm for an undisclosed sum, in a deal that is still under government review.

Paciolan, couldn't be reached for comment on the cause of the outage.

Solution providers said a distributed denial of service attack on Paciolan's online ticketing system is the most likely cause of the outage.

Online ticketing encourages abuse, not just from ticket brokers, but also from others with the technical know how to manipulate the system, said Greg Hanchin, principal at Dirsec, a Centennial, Colo.-based security integrator

"It's challenging to sort through Web traffic and figure out who are your potential customers and who are the robot guys who've written automated browser scripts in order to get tickets," said Hanchin.

Others were less charitable about where the blame lies for the outage.

"This appears to be less about a technology failure and more about mismanagement and leadership. The technology and processes were there, but it's possible that a proper service level agreement wasn't part of the equation," said another solution provider, who requested anonymity.

Printer-friendly version Email this CRN article