The Latest / Data Security News

WWE Database Lacked Cybersecurity

July 18, 2017

A database belonging to the World Wrestling Entertainment (WWE) Corporation was recently found to be left completely unprotected online. The database included the personal information of more than three million WWE fans: a very real threat to their cybersecurity.


Personal information up for grabs

The database was hosted by Amazon web services. It was discovered that the database was completely unprotected by any cybersecurity. The data was stored in plain text and anyone with the web address could have download the information hosted. It included names, email address, home addresses, date of birth, gender, ethnicity, earnings, education, children’s ages and social media activity of millions of American WWE customers.

It’s a bit unclear exactly which department of the WWE corporation the database comes from at the moment – whether it’s linked to the streaming service or the superstore. WWE confirmed the leak and said it was working with cybersecurity firms to address the issue. It said:

“Although no credit card or password information was included, and therefore not at risk, WWE is investigating a vulnerability of a database housed on Amazon Web Services (AWS), which has now been secured.”

Secure protection

Another WWE database that stored information on European fans was discovered to be unprotected as well. It’s unclear currently how long the databases were stored online unprotected and if they were discovered by any malicious parties before they were properly secured.

The details of why the databases were unprotected are not known yet. The whole incident is a clear demonstration of the huge task large corporations face these days to securely store massive amounts of data. Large corporation with many departments all need to work together to securely and reliably store customer data. The safest approach is to secure as little data as possible, but customer data can be vital to effective business strategies.

Consequently, organizations need to respect the trust customers put in them when they collect data, and ensure at all times security is their number one priority. Hopefully the WWE will learn from this mistake fast and guarantee customer data is properly protected in the future.