Want more wrestling news, rumors, and results? Be sure to visit PWInsider.com and PWInsiderXtra.com.
Forbes is reporting that earlier this week Bob Dyachenko, from the Kromtech security firm, told Forbes he'd uncovered a huge, unprotected WWE database containing information on more than 3 million users, noting it was open to anyone who knew the web address to search. Looking at samples of the leaked information provided by Dyachenko, all data was stored in plain text.
The data included home and email addresses, birthdates, as well as customers' children's age ranges and genders where supplied, and was sitting unprotected on an Amazon Web Services S3 server. Dyachenko believes that the database was misconfigured by either WWE or an IT partner. WWE told Forbes that they were investigating the situation.
It wasn't clear which department put the information there but there was a lot of social media attached to the user accounts.
Once notified about it on July 4, WWE moved the database.
They quoted a WWE spokesperson as saying:
"Although no credit card or password information was included, and therefore not at risk, WWE is investigating a vulnerability of a database housed on Amazon Web Services (AWS), which has now been secured. WWE utilizes leading cybersecurity firms Smartronix and Praetorian to manage data infrastructure and cybersecurity and to conduct regular security audits on AWS. We are currently working withAmazon Web Services, Smartronix and Praetorian to ensure the ongoing security of our customer information.”
Note: The story has updated to reflect an updated WWE statement.
They are also working to determine the cause of the leak.
You can read the story by clicking here. ... Thanks to Eric Sturrock for his help!
If you enjoy PWInsider.com you can check out the AD-FREE PWInsider Elite section, which features exclusive audio updates, news, our critically acclaimed podcasts, interviews and more by clicking here!
Bang On Casino
