A data leak at World Wrestling Entertainment (WWE) has left the personal data of over three million fans exposed online and at risk of theft.
Security firm Krontech has revealed that one of its researchers discovered an unprotected database that contained a plethora of customer information, including home and email addresses, dates of birth, financial earnings and genders.
According to researcher Bob Dyachenko, the unencrypted database was stored on an AWS S3 server with no password protection, meaning it was able to be accessed by anyone who knew the web address.
Speaking to Forbes, Dyachenko suggested that the server was likely misconfigured by either WWE itself or an IT partner.
He added that, although it is unclear which branch of the WWE Corporation the database belongs to, the presence of social media tracking data suggests that it probably came from one of the organisation’s marketing teams.
“Although no credit card or password information was included, and therefore not at risk, WWE is investigating a vulnerability of a database housed on Amazon Web Services (AWS), which has now been secured,” WWE said in a statement on its website.
“WWE utilises leading cyber security firms Smartronix and Praetorian to manage data infrastructure and cyber security and to conduct regular security audits on AWS. We are currently working with Amazon Web Services, Smartronix and Praetorian to ensure the ongoing security of our customer information.”
WWE was informed of the leak on the 4th July and immediately took down the database, although it is unclear how long it was left open for public access.
A similar incident occurred in the US, when a contractor for the Republican party exposed the personal information on more than 198 million citizens after again failing to secure an AWS S3 server.
The WWE discovery also comes in the same week that the AA was roundly criticised for failing to notify more than 100,000 customers of a data breach that occurred in April which is believed to have included names, email addresses and some credit card information.
After the United States imposes 100 percent tariffs on certain Chinese goods, Europe widens its…
OpenAI strikes deal with Reddit to train its AI tech on user posts and give…
Global spending spree from Microsoft continues, with huge investment for new data centre to drive…
Workforce blow. Newly privatised Toshiba has embarked on a 'revitalisation plan' that will entail the…
European Commission opens an official child safety investigation into Facebook and Instagram-owner Meta Platforms
Hundreds of AI and cloud engineers are being offered relocation out of China by Microsoft,…