Misconfigured Database Almost Suplexes the WWE

Misconfigured Database Almost Suplexes the WWE

If you’re a fan of the spectacle put on by World Wrestling Entertainment, Inc., you may find yourself pinned thanks to an error made in some of their databases. This error allowed personal information from three million users to be accessed by anyone who knew where to look.

The information contained in the first database was unnervingly comprehensive, including home addresses, email addresses, and birthdays--and in some cases, the genders and age ranges of children in the household.

The plain text database was discovered by an employee of Kromtech, a computer security firm, named Bob Dyachenko. Found on an Amazon Web Services S3 server, the database had no username or password protections. It is uncertain which branch of the WWE was maintaining this database. Despite this uncertainty, Dyachenko has some suspicions as to its source.

Due to the social media tracking data that accompanied the database, Dyachenko believes that the database belonged to one of the WWE’s marketing teams. The leaked data lines up with the details that the WWE collects from subscribers to the WWE Network, which allows customers to stream wrestling events.

This wasn’t the only database that was leaked, either. The second one--also hosted on Amazon--outlined the names, addresses, and phone numbers of primarily European fans. Fortunately, it does not appear that any passwords or financial information was exposed.

However, the fact that the WWE was collecting information on the ethnicity and age range of their adolescent audience has a lot of security experts concerned. This information was volunteered by the fans as they registered, but the WWE does not offer any explanation of what this data will be used for, beyond sharing it with select (unnamed) partners.

Once alerted to the vulnerability by Dyachenko, the WWE was quick to take down the data, making it inaccessible to outside eyes.

This is not the first leak that has happened on the Amazon servers, either. Other high-profile leaks have been caused by misconfigured servers and the like--which raises an important question regarding your business: is your data as secure as it could be?

While your business may not serve 3 million people, imagine the backlash you would receive if you had left the personal information of that many clients vulnerable. A simple mistake is all it would take to suddenly have your issue broadcast on the news as your remaining clients swiftly jumped ship. Regardless, a similar situation would likely happen in your own company, as your understandably upset customers would most likely seek an alternative in your competition.

Unfortunately, the harsh reality is that your data is always at risk, but this is where Network Management, Inc. can help. We can help resolve any issues to be found in your IT. Give us a call at (703) 848-9000 to get started.

Tip of the Week: Take This Quick Quiz
Tip of the Week: Five Programs No User Should Be W...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Wednesday, October 23 2019

Captcha Image

Contact Us

Learn more about what Network Management, Inc. can do for your business.

Call Us Today
Call us today
(703) 848-9000

8229 Boone Blvd.
Suite 250

Vienna, Virginia 22182

Latest Blog

If there is any solution that is a constant across businesses, it would have to be the use of email. This also means that the risk of threats coming in through an email solution is also present in businesses of every shape and size. How is ...

Account Login