Been wrongly billed recently for tickets you didn’t purchase on StubHub?

According to news reports last night, cyberthieves got into the accounts of more than 1,000 customers of the ticket reselling company and bought tickets for unspecified events.

Arrests in the case may be announced as soon as today in New York, according to both the Associated Press and Reuters, after an investigation spanning three countries: the United States, the United Kingdom and Canada.

The stories quoted a StubHub spokesman, based in San Francisco, saying the thieves got the login and password information of account holders from data breaches at other Web sites — another reason not to use the same information for multiple Web sites–or from malware on customer computers.

The spokesman said there was no breach of StubHub security, and that affected customers had already been contacted and issued refunds.

“We did not have anyone who hacked into our system,” Glenn Lehrman told Reuters.

He said the schemes involved a “pretty intense network of cyber fraudsters working in concert with each other.”