Ticketmaster says some customers’ personal information may have been stolen.

It was the victim of a “data security incident” and the information customers provide to the company may have been compromised. The ticket sales giant confirmed it recently discovered “an unauthorized third party” was able to obtain information from a cloud database hosted by a third-party data services provider.

“Based on our investigation to date, we determined that the unauthorized activity occurred between April 2, 2024, and May 18, 2024,” Ticketmaster wrote in an email sent to its users on Monday. “On May 23, 2024, we determined that some of your personal information may have been affected by the incident. We have not seen any additional unauthorized activity in the cloud database since we began our investigation.”

The U.S.-based company confirmed the database contained personal information of customers who bought tickets to events in Canada, the U.S. and Mexico.