Just a little less than one month before a cyber attack took the Ticketfly network temporarily offline, former Ticketfly CEO Andrew Dreskin signed on to an executive bonus plan aimed at converting the majority of Ticketfly clients over to his new employer Eventbrite by the end of 2018.

According to the April 26 document titled “Andrew Dreskin’s Executive Bonus Plan,” which was released by Eventbrite last month as it prepares to make an initial public offering, the co-founder of Ticketfly was to be given a sliding bonus based on how many clients he could switch to Eventbrite, and how much of Ticketfly’s $55.5 million in gross ticket fees he was able to retain. If Dreskin was able to migrate 75 percent of customers from Ticketfly to Eventbrite, he would be paid a $125,000 bonus — if he were able to convert 90 percent of Ticketfly’s customers, he would be paid a bonus of $500,000. For reasons that are unclear, three Ticketfly clients — Burning Man, the Toronto Festival of Beer and Just For Laughs Northwest — were excluded from the migration plan.

Graphic from Andrew Dreskin’s Executive Bonus Plan

The disclosure of the bonus plan raises new questions about the company’s response to the May 31 cyber incident that took the company offline for nearly a week and led to a large migration of Ticketfly clients to Eventbrite as the company investigated the hack.

Nearly four months after the attack, we know very little about the details of the hacking incident that led to system-wide blackouts affecting client websites, ticketing systems and email marketing platforms. Neither Dreskin nor Eventbrite co-founder and Julia Hartz have spoken publicly about the attack that resulted in the leak of personal data involving 27 million customers.

No one disputes that Ticketfly was targeted by a hacker, who defaced the front page of Ticketfly.com and obtained several databases of customer and client information, likely exploiting a security vulnerability within WordPress, the CMS system used to power the client websites Ticketfly built for its customers.

But what’s not known is whether Eventbrite’s aggressive conversion strategy — which sought to move 90 percent of Ticketfly clients on to Eventbrite in less than a year — played a role in the company’s response to the hacking attack. Amplify reached out to a company representative for comment on this article and did not receive a response.

A statement issued by the company on the day of the attack indicates that while the hack attack was likely contained within a few hours, a decision was made to take the entire Ticketfly system offline out of “an abundance of caution” as company officials and later outside investigators examined what happened.

“We realize the gravity of this decision, but the security of client and customer data is our top priority,” the statement reads.

It was during this time period that many Ticketfly clients — like RiotFest in Chicago — we’re moved onto the Eventbrite platform as a temporary workaround. On June 3, three days after the attack, company officials sent clients an email letting them know that they’d be receiving “a secure, non-WordPress based website solution” to temporarily replace their websites. Clients were also told “if you put your events or started selling tickets on Eventbrite, you have two options now that Ticketfly Backstage is back up: keep your events on Eventbrite, or revert back to selling them on Ticketfly.”

From there, the company released multiple statements keeping clients abreast of the company’s progress bringing the platform back online and restoring functionality for Ticketfly.com, the Ticketfly iOS app, and the Promoter and Fanbase systems. Customers who wanted to stay with Ticketfly were allowed to do so, but many expressed uncertainty about the long-term viability of the platform.

“I am really worried about what Eventbrite is planing with Ticketfly without much input from any of the clients — this just adds to that,” said one promoter client who requested anonymity.

Another promoter, who left Ticketfly after the attack for a competing ticket service told Amplify “I don’t think anyone I know will stay with Ticketfly,” adding that it was possible “this could be an Eventbrite move to just migrate clients without having to really explain why.”

Not all clients had a bad experience — “Ticketfly communicated with us regularly, responded to questions in a timely manner and helped us set up temporary solutions,” one client said. “Given the scale of the breach and the sheer number of properties being analyzed by forensic cybersecurity teams, we felt like we received accurate information as soon as it became available for Ticketfly to share it with us.”

It’s unclear if Dreskin is on track to convert 75-90 percent of Ticketfly clients into Eventbrite customers. While a number of customers made the switch following the attack, a small number left Ticketfly for competitors, and because Eventbrite has said so little about the attack, we simply don’t know how successful the company’s client retention program has been.