According to security firm Krontech one of its researchers discovered an unprotected database that contained a raft of customer information, including home and email addresses, dates of birth, financial earnings and genders.
The unencrypted database was stored on an Amazon server with no password protection, meaning it was able to be accessed by anyone who knew the web address.
Although it is unclear which branch of the WWE Corporation the database belongs to, it has been suggested that the data probably came from one of the its marketing teams as it contains social media tracking information.
“Although no credit card or password information was included, and therefore not at risk, WWE is investigating a vulnerability of a database housed on Amazon Web Services (AWS), which has now been secured,” WWE said in a statement on its website.
“WWE utilises leading cyber security firms Smartronix and Praetorian to manage data infrastructure and cyber security and to conduct regular security audits on AWS. We are currently working with Amazon Web Services, Smartronix and Praetorian to ensure the ongoing security of our customer information.”
WWE was informed of the leak on the July 4 and immediately took down the database, although it is unclear how long it it had been left open for public access.