WWE hits the canvas after leaking data on 3m customers

DataIQ News

World Wrestling Entertainment, home to the likes of Stone Cold Steve Austin and The Undertaker, has been hit by its own "smackdown" after exposing the personal data of over 3 million fans, putting their personal information at risk.

According to security firm Krontech one of its researchers discovered an unprotected database that contained a raft of customer information, including home and email addresses, dates of birth, financial earnings and genders.

The unencrypted database was stored on an Amazon server with no password protection, meaning it was able to be accessed by anyone who knew the web address.

Although it is unclear which branch of the WWE Corporation the database belongs to, it has been suggested that the data probably came from one of the its marketing teams as it contains social media tracking information.

“Although no credit card or password information was included, and therefore not at risk, WWE is investigating a vulnerability of a database housed on Amazon Web Services (AWS), which has now been secured,” WWE said in a statement on its website.

“WWE utilises leading cyber security firms Smartronix and Praetorian to manage data infrastructure and cyber security and to conduct regular security audits on AWS. We are currently working with Amazon Web Services, Smartronix and Praetorian to ensure the ongoing security of our customer information.”

WWE was informed of the leak on the July 4 and immediately took down the database, although it is unclear how long it it had been left open for public access.

You have....

to be GDPR compliant.

Register with us for all the news

Sign-up to hear about the latest DataIQ news, content and events.