Massive WWE Leak Exposes 3 Million Fans' Data; WWE Issues Statement

WWE fans should take note that an IT error has left personal information open. Earlier this week, Bob Dyachenko from Kromtech, a security firm, spoke to Forbes saying he had uncovered a huge, unprotected WWE database which held data on more than 3 million users and noted it was open to anyone with access to the web address. Looking at samples of the leaked information provided the data was stored in plain text.

The data, which contained home and email addresses, birthdates as well as customers' children's age ranges and gender was sitting on an Amazon Services S3 server without username/password protection. It is likely the database had been misconfigured by WWE or an IT partner much in the same manner as other recent leaks on the Amazon-hosted infrastructure. WWE stated it is currently investigating.

WWE issued the following statement:

"Although no credit card or password information was included, and therefore not at risk, WWE is investigating a vulnerability of a database housed on Amazon Web Services (AWS), which has now been secured. WWE utilizes leading cybersecurity firms Smartronix and Praetorian to manage data infrastructure and cybersecurity and to conduct regular security audits on AWS. We are currently working with Amazon Web Services, Smartronix and Praetorian to ensure the ongoing security of our customer information.”