Songkick  sold concert tickets.  One of their execs left for a competitor, taking trade secrets and access to Songkick's systems, which Ticketmaster subsequently used in violation of the Computer Fraud and Abuse Act, resulting in Ticketmaster paying both a $110M settlement to Songkick and a $10M federal criminal fine.  Songkick however fared even worse.  Between the loss of business and the dealing with the legal aspects, they ended up bankrupt and now part of Warner Music. 

Apparently, the big things the enabled Tickemaster to succeed was that URLs to pre-release information were protected only by "secret" URLs; future URLs could be predicted by knowing generation algorithm; and that Songkick did not change passwords when the exec left.  These all seem pretty much like the things one should learn in security 101.