The former manager of Ticketmaster has been convicted of hacking rival company CrowdSurge

A former Ticketmaster executive who hacked into a rival company’s servers to steal data has been sentenced.

British national Stephen Mead stole sensitive data from CrowdSurge – a small business he used to work for – between 2013 and 2015. His actions contributed to the collapse of the company, said the Department of Justice, New York.

Mead pleaded guilty to conspiracy to hack into CrowdSurge in June. He has now been ordered to pay $67,970 in costs (around £52,000), and has been sentenced to a year’s supervised release.

Court papers filed in the US state that Ticketmaster executives had asked Mead to share “competitive intelligence” about the company.

Ticketmaster – which describes itself as the world’s largest entertainment ticketing platform – did not respond to the BBC’s request for comment.

Another former Ticketmaster executive, Zeeshan Zaidi, also pleaded guilty to conspiracy to commit computer hacking and wire fraud in 2019. He is yet to be sentenced.

Mead was ordered to pay back the amount he received when he left CrowdSurge, as well as a raise he later received from Ticketmaster.

A Foreign Office spokesman told the BBC: “We are providing consular assistance to the British man in the US and are liaising with local authorities.”

CrowdSurge – a website where artists could sell pre-sale tickets to fans – was a rival ticket company to Ticketmaster, with its headquarters in London and US office in New York. US court documents say the company is worth more than $100m.

Since 2010, Mead was CrowdSurge’s senior vice president of global operations and general manager for North America.

The BBC has seen court documents which state that when Mead left CrowdSurge in July 2012 he signed a “separation agreement”, which said he must not store or share confidential information – including customer lists, and marketing strategies – with any third party.

According to court filings, the agreement also stipulated that Mead was not to work for another ticket company for the rest of the year and, as part of the arrangement, CrowdSurge paid Mead approximately $52,970.

But he repeatedly violated the separation agreement, court documents say.

By the summer of 2013, Mead had been hired by Ticketmaster’s parent company, Live Nation, for a division called TicketWeb.

CrowdSurge’s computer server logs show at least 25 times its company data was accessed by computers with IP addresses registered to Ticketmaster and associated companies in New York, San Francisco, and Los Angeles, between August 2013 and December 2015. said the prosecutor.

According to prosecutors, Mead shared CrowdSurge spreadsheets containing financial information and passwords without permission, and accessed competitive information about the company’s customers and technology at the request of Ticketmaster executives.

He also provided other Ticketmaster employees with information that enabled them to access information secured by CrowdSurge. He advised them to “get the hell out of the system”, and discussed “cutting”.[ting] off CrowdSurge’s knees,” court documents said.

They also said that at one point, at Zaidi’s request, Mead made a presentation to at least 14 executives and employees of Live Nation and Ticketmaster in which he used the CrowdSurge username and password to log into their website without authorization. During the presentation – which was shown on a large screen in the conference room – Mead showed off one of CrowdSurge’s flagship products called Artist’s Toolbox – a web-based data analysis package for music artists.

During his tenure, Mead also shared real-time ticket sales data and player identities with CrowdSurge.

The DoJ says this information was used by Ticketmaster to organize competitive responses to win ticket business and pre-sale and compare products and offerings. It added Mead’s actions resulted in CrowdSurge losing money, which was “very important in a highly competitive business environment”.

It says Mead was later promoted to director of customer services in Ticketmaster’s artist services division in early 2015, reporting directly to Zaidi. He also got a raise.

Court documents state that Mead did not engage in criminal conduct for personal gain in the scheme, beyond the benefit he received by improving his standing and position within Ticketmaster.

CrowdSurge discovered Mead’s hack after a former Ticketmaster executive started working for the company in 2015 and warned them to change how their systems were accessed.

Mead’s employment was terminated by Live Nation and Ticketmaster around October 2017.

Court documents show that Mead left the US in 2019 and returned to the UK. He was arrested in Italy earlier this year and extradited to the US.

In 2015, CrowdSurge’s parent company, Complete Entertainment Resources, sued Ticketmaster alleging that it dominated the market and “attempted to destroy competition in the pre-sale ticket market for artists in a number of ways”.

This includes “preventing” many artists from working with SongKick – a company CrowdSurge partnered with in June 2015 – and using its market power to “force” them to work with Ticketmaster instead.

Ticketmaster and SongKick settled their legal dispute in 2018, resulting in Ticketmaster paying $110m to SongKick’s owners and buying SongKick’s ticketing technology for an undisclosed amount.

Ticketmaster entered into a deferred prosecution agreement with the New York Department of Justice after pleading guilty to five counts of fraud in 2020. This process involves a company reaching an agreement with a prosecutor, where the company has been charged with a crime but the trial is still ongoing. it is set by default.

The ticketing giant was fined $10m and agreed “where necessary and appropriate to modify or maintain its existing compliance program”.

The DoJ confirmed that Ticketmaster has completed the terms of the deferred prosecution until July 2024.