Massive WWE Leak Exposes 3 Million Wrestling Fans' Addresses, Ethnicities, and More

[The Intergalactic Koala]

WWE fans take note: an IT error may have left your personal information open to anyone, including addresses, educational background, earnings and ethnicity.

Earlier this week, Bob Dyachenko, from security firm Kromtech, told Forbes he'd uncovered a huge, unprotected WWE database containing information on more than 3 million users, noting it was open to anyone who knew the web address to search. Looking at samples of the leaked information provided by Dyachenko, all data was stored in plain text.

The data - which also included home and email addresses, birthdates, as well as customers' children's age ranges and genders where supplied - was sitting on an Amazon Web Services S3 server without username or password protection, Dyachenko said. It's likely the database was misconfigured by WWE or an IT partner as in other recent leaks on Amazon-hosted infrastructure. WWE said it was investigating.

It's unclear what branch of the WWE Corporation the database came from, though Dyachenko suspects it belonged to one of its many marketing teams, given it was accompanied by reams of social media tracking data, including posts from superstars and fans. The kinds of data in the leak are the same as those in the account details section for customers of the WWE Network, a subscription-based video streaming service for wrestling events.


That wasn't the only database WWE was leaking, Dyachenko added. It left another on Amazon's hosting service that contained reams of information primarily on European fans, though the information contained only addresses, telephone numbers and names, a review of samples of the data revealed. According to one customer, who responded to Forbes' inquiries trying to validate the leaked data, it was likely this database was from an online WWE store as "the network doesn't require a mobile number."

Shortly after WWE was alerted to the leak by Dyachenko on July 4, the company moved swiftly to remove them from the web, making them inaccessible.

"Although no credit card or password information was included, and therefore not at risk, WWE is investigating a potential vulnerability of a database housed on a third party platform," a spokesperson from the wrestling giant said.

Massive WWE Leak Exposes 3 Million Wrestling Fans' Addresses, Ethnicities And More

This carny ass company. At least folks will get 6 months of the Network for free 99.

 

[Ed MOTHERFUCKING G]

According to one customer, who responded to Forbes' inquiries trying to validate the leaked data, it was likely this database was from an online WWE store as "the network doesn't require a mobile number."

Buy wrestling shirts brehs

 

[Box Cutta]

I'd love to see those numbers on ethnicity....

 

[The axe murderer]

"Although no credit card or password information was included, and therefore not at risk, WWE is investigating a potential vulnerability of a database housed on a third party platform," a spokesperson from the wrestling giant said.

 

[Grifter]

Went from to when I saw leak.

 

[The Intergalactic Koala]

Went from to when I saw leak.

Forreal

I just did a free trial a month ago and now I just made the list.


fukk

 

[TOAD99]

Thought we were gonna see naked divas

 

[Dog Based Gremlin]

 

[Lo-Co]

Buy wrestling shirts brehs

Thank goodness I ain't sign up

 

[MenacingMonk]

I've bought from WWE Shop twice; last time was about 6-7 months ago.

 

[NYChase718]

Thought we were gonna see naked divas

Trish stratus and stephanie leaks from 2001-2002 era

 

[Mr. Jack Napier]

I just bought a shirt from the website like a month ago

 

[trick]

How are they going to address this on-air? Or will they?

 

[The Rainmaker]

:vinsanity:We should've used a rolodex to store that information as I suggested first, goddammit!

 

[Rell84shots]

Buy wrestling shirts brehs

If it's not the OG nWo shirt then i don't wear them.