Metropolitan Opera dealing with cyberattack that shut down website, box office

The Metropolitan Opera confirmed that it is dealing with a crippling cyberattack that has shut down their website and box office.

The New York-based opera house said on Wednesday evening that the cyberattack impacted their network systems, including their “website, box office, and call center.”

While all performances will continue as scheduled, the organization is unable to process new ticket orders or provide exchanges and refunds. 

“Once normal operations have resumed, we will honor all refunds and exchanges that we have been unable to process during this period,” the company said in a statement on Twitter.

“We are working as quickly as possible to get this difficult situation resolved.”

As of Thursday afternoon, the website displayed the same message posted to Twitter. General manager Peter Gelb told The New York Times that the company’s systems had been down for more than 30 hours after issues were noticed on Tuesday morning. The FBI has been contacted, according to Gelb.

The popular opera house handles about $200,000 in sales each day during the Christmas season due to an influx of tourists and increased demand for holiday shows. 

In a letter obtained by Opera Wire, Gelb told employees and leaders of the company that an investigation into the incident has been started and a cybersecurity company hired to deal with the response. 

But he added that it will “take time” to restore the company’s systems because they “first have to make sure that our systems are no longer infected and are secure.”

The Metropolitan Opera did not respond to request for comment about whether they were dealing with a ransomware attack or whether customer information was involved in the attack. 

As a result of the attack, the company will not be able to process paychecks, and its internal “Met email” system is also down alongside all internal systems. 

Gelb said more information would be provided in 24 hours once they have a “fuller assessment” of how much damage was done to their system. In the meantime, performances and rehearsals will continue.

The Metropolitan Opera is the latest arts organization affected by a cyberattack or ransomware incident this year following a wide-ranging attack on WordFly, a tech company providing digital marketing for dozens of the most popular cultural organizations in several countries.

That ransomware attack damaged email and text message marketing services for organizations like the Smithsonian, the Toronto Symphony Orchestra, Canada Stage, the Sydney Dance Company in Australia, the Royal Shakespeare Company, the U.K.’s Old Vic Theatre and several other major organizations.
The Smithsonian later said WordFly told them it “worked with the attackers” and confirmed that the stolen data was deleted.

Jonathan Greig

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

Recent Posts

Deepfake news anchors spread Chinese propaganda on social media

In a series of videos posted on Twitter, Facebook and YouTube, Chinese state-aligned actors used…

6 hours ago

New info-stealing malware used against Ukraine organizations

A new information-stealing malware named Graphiron is being used against a wide range of targets…

12 hours ago

Hackers used fake websites to target state agencies in Ukraine and Poland

Hackers attempted last week to infect Ukrainian government computer systems with malware hosted on fake…

12 hours ago

‘No evidence of malicious access,’ Toyota says about serious bug exploited by outside researcher

Toyota said it remediated the vulnerability discovered by researcher Eaton Zveare. The company referred others…

13 hours ago

Turkey’s government restricts access to Twitter amid earthquake response

Internet traffic data showed that Twitter was totally inaccessible from with Turkey. The government has…

14 hours ago

CISA publishes recovery script for ESXiArgs ransomware as Florida courts, universities reel

CISA adapted work by two Turkish developers into a script for recovering files affected by…

16 hours ago