Nine days after a daring cyberattack hit the Metropolitan Opera, taking its website offline, crippling its box office and hampering its ability to sell tickets, the company announced Thursday that those services had been restored.
“Following a cyber-attack that temporarily affected our network systems, we are pleased to announce that the Met is now able to process ticket orders through our website and in person at our box office,” the Met said in a post on its website, assuring customers that no credit card information was stolen during the attack.
The resumption of ticket sales at The Met, the largest performing arts organization in the United States, marked the end of what the company said was the first major cyberattack in its 139-year history. The attack, which took place during the usually lucrative holiday season, knocked out the company’s ticketing system at a time when it would normally be handling about $200,000 in sales per day.
Targeting the Met, which dealt a blow to the company as it struggled to coax audiences back to prepandemic levels, underlined that even venerable cultural institutions are not immune to cyberattacks in the digital age.
“This attack froze everything,” said Peter Gelb, the Met’s general manager, who said it wreaked havoc, undermined the electronic payment system for the company’s 3,000 full- and part-time employees, and compromised the ability to send sets for upcoming productions to order hindered. . “The teachable moment of this attack is that if someone wants to break into your system, it’s hard to stop them.”
Despite the disruption, the Met never missed a performance and continued to stage the grandiose old-school production of Verdi’s “Aida,” with its massive cast and towering sets, and the new Kevin Puts opera “The Hours,” starring in starring Renée Fleming, Kelli O’Hara and Joyce DiDonato and inspired by Michael Cunningham’s 1998 Pulitzer Prize-winning novel. Without the regular ticket system, the opera house offered $50 general admission tickets to seats that normally cost several times as much, through a website set up by Lincoln Center. Gelb said on Thursday that prices would return to normal levels.
Gelb said it appeared the attack was orchestrated by an organized criminal gang and that the FBI was aware of the attack.
Cybersecurity experts said the attack had all the hallmarks of a ransomware attack, a form of modern piracy that has become a global scourge in recent years as attackers target local governments, businesses, hospitals and now cultural institutions.
Experts say crime is widespread. In some cases, victims receive an email with a link or attachment containing software that encrypts files on their computer and holds them hostage until they pay a ransom.
While the attack had exacerbated the Met’s woes, Gelb said the company was undeterred. Paraphrasing a line from Terence Blanchard’s opera “Fire Shut Up in My Bones,” performed at the Met last year, he said, “We bend but we don’t break.”