WWE Database Leak Exposes Millions of Users’ Data
Security firm Kromtech Bob Dyachenko revealed to Forbes that he uncovered a huge unprotected WWE database that contains information on more than 3 million users. Dyachenko claimed that it was open to anyone who knew the web address to search.
The breach includes addresses, educational background, earnings and ethnicity as well as customers’ children’s age ranges and genders. This information was reportedly stored on Amazon Web Services S3 server without username or password protection. It’s likely the database was misconfigured by WWE or an IT partner. The same thing happened with other recent leaks on Amazon-hosted infrastructure.
WWE issued the following statement regarding the issue:
“Although no credit card or password information was included, and therefore not at risk, WWE is investigating a potential vulnerability of a database housed on a third party platform.”
“In today’s data-driven world, large companies store information on third party platforms, and unfortunately have been subject to similar vulnerabilities. WWE utilizes leading cybersecurity firms to proactively protect our customer data.””Although no credit card or password information was included, and therefore not at risk, WWE is investigating a potential vulnerability of a database housed on a third party platform.” “In today’s data-driven world, large companies store information on third party platforms, and unfortunately have been subject to similar vulnerabilities. WWE utilizes leading cybersecurity firms to proactively protect our customer data.”