Pandemonium Rocks has inadvertently leaked the bank account details, phone numbers, names, and email addresses of hundreds of ticket holders. This breach occurred late this evening through a form that was distributed to festival attendees seeking refunds.
The data exposure includes sensitive financial information such as BSB and account numbers. These details belonged to attendees who submitted their personal information to claim a partial refund after the festival lineup dramatically changed last minute, leading to the cancellation of performances by 7 out of the 13 scheduled bands.
The incident adds to the woes of Pandemonium Rocks, which has already faced public backlash for not providing full refunds as per Australian Competition & Consumer Commission (ACCC) guidelines. These regulations stipulate that full refunds ought to be issued if an event undergoes significant alterations, such as major lineup changes. Despite this, the festival organisers have refused to offer complete refunds, instead proposing a $70 partial refund to those who paid the full ticket price. Attendees who purchased discounted tickets and VIP ticket holders, some of whom spent up to $800, have not been offered any form of financial reimbursement.
The breach has potentially affected all ticket holders who opted to enter their financial details to receive the $70 refund. The full extent of the breach and the number of people affected are still being determined as Pandemonium Rocks has not yet issued a detailed statement regarding the scope of the incident or the steps being taken to address the fallout.