“Data Leak” Exposes Some Info of Apparent WWE Network Users

Forbes posted a story about an apparent “WWE data leak,” saying:

WWE fans take note: an IT error may have left your personal information open to anyone, including addresses, educational background, earnings and ethnicity.

Earlier this week, Bob Dyachenko, from security firm Kromtech, told Forbes he’d uncovered a huge, unprotected WWE database containing information on more than 3 million users, noting it was open to anyone who knew the web address to search. Looking at samples of the leaked information provided by Dyachenko, all data was stored in plain text.

The data – which also included home and email addresses, birthdates, as well as customers’ children’s age ranges and genders where supplied – was sitting on an Amazon Web Services S3 server without username or password protection, Dyachenko said. It’s likely the database was misconfigured by WWE or an IT partner as in other recent leaks on Amazon-hosted infrastructure. WWE said it was investigating.

It’s unclear what branch of the WWE Corporation the database came from, though Dyachenko suspects it belonged to one of its many marketing teams, given it was accompanied by reams of social media tracking data, including posts from superstars and fans. The kinds of data in the leak are the same as those in the account details section for customers of the WWE Network, a subscription-based video streaming service for wrestling events.

The article mentioned that the data appeared to be the same as WWE Network account data, but apparently no credit card or password information was leaked. WWE stated:

“Although no credit card or password information was included, and therefore not at risk, WWE is investigating a potential vulnerability of a database housed on a third party platform,” a spokesperson from the wrestling giant said. “In today’s data-driven world, large companies store information on third party platforms, and unfortunately have been subject to similar vulnerabilities. WWE utilizes leading cybersecurity firms to proactively protect our customer data.”