The Metropolitan Opera is facing a class action lawsuit filed in Manhattan Supreme Court.
According to the Daily News, the lawsuit against the opera is due to the company’s failure to safeguard the credit card numbers and other personal information of more than 45,000 patrons and employees compromised during a massive computer hack in 2022.
The lead plaintiff is Anthony Viti, a former Met employee who filed the lawsuit last week and who claims that his Social Security number, his driver’s license number, his date of birth, and financial account information were all accessed by hackers.
The lawsuit said, “For approximately two months, The Met failed to detect an intruder with access to and possession of The Met’s current/former employees and consumers’ data. It took a complete shutdown of The Met’s website and box office for The Met to finally detect the presence of the intruder.”
The lawsuit also noted that it crippled the cultural institution’s computer system for more than a week and “alleges that The Met failed to install the proper security measures despite numerous government warnings that it could be a target for cyberattacks.”
According to the lawsuit, the has only offered 12 months of identity monitoring services despite the fears that such breaches can cause “ripples for many years, if not decades.”
The Metropolitan Opera was hacked on Dec. 6, 2022 and Gelb sent a letter to the company noting, “Dear Members of the Company, Unfortunately, we’ve experienced a cyber attack that has temporarily impacted our network systems. Upon discovery of this, we launched an immediate investigation into the nature and scope of the incident. While web experts work to resolve the situation, our systems are down.”
The company’s systems returned on Dec. 15 and stated, “based upon our ongoing investigations into the recent cyberattack, we would like to reassure our customers that ticketing customer data, including credit card information, used when purchasing tickets, has not been stolen. We do not keep credit card information in the systems that were affected by the cyberattack.”
According to the report by the Daily News, Stephanie Basta, the Met’s lawyer wrote in a letter, “Through an investigation conducted by third-party specialists, the Met learned that an unknown actor gained access to certain of their systems between September 30, 2022 and December 6, 2022 and accessed or took certain information from those systems.” She added that the information o 45,094 patrons, workers, and former employees was compromised.