Добро пожаловать на SKY-FRAUD.RU, после регистрации , вам будут доступны все разделы форума.
Вернуться   SKY-FRAUD.RU > Основное общение > Mass media about us > WWE Exposes Details of 3 Million Customers on AWS
Adv. info:
Важная информация
Основные домены форума: SKY-FRAUD.RU | S-FRAUD.RU

TOR: bcbm4y7yusdxthg3.onion

XMPP.NAME - Официальный Jabber сервер для участников SKY-FRAUD.RU
Mass media about us News from the world about us.

UAS section 1
Advert 2
Advert 3
Опции темы Опции просмотра
Старый 08.07.2017, 19:48   #1
Аватар для radikal
radikal вне форума
Регистрация: 08.02.2014
Сообщений: 4,422
По умолчанию WWE Exposes Details of 3 Million Customers on AWS

In what is likely to be an operator or technician error, WWE left unencrypted personal details of more than 3 million customers exposed on AWS in at least two separate databases. The issue was reported to WWE on July 4, and the company swiftly removed them.

According to a report in Forbes, the discovery was made by a Kromtech researcher named Bob Dyachenko.

WWE has acknowledged the incident with a brief statement on its website: "Although no credit card or password information was included, and therefore not at risk, WWE is investigating a vulnerability of a database housed on Amazon Web Services (AWS), which has now been secured. WWE utilizes leading cybersecurity firms Smartronix and Praetorian to manage data infrastructure and cybersecurity and to conduct regular security audits on AWS. We are currently working with Amazon Web Services, Smartronix and Praetorian to ensure the ongoing security of our customer information."

There is no indication in this statement over whether the database may or may not have been accessed or downloaded by anyone other than Mr Dyachenko.

According to Forbes, all the stored data was held in plaintext, and included educational background, earnings and ethnicity, home and email addresses, birthdates, and customers' children's age ranges and genders where supplied." Holding children's age, sex and home addresses will be particularly concerning for privacy advocates.

Although the WWE statement implies a single database, it seems that a second database contained European customer data; specifically comprising "reams of information primarily on European fans, though the information contained only addresses, telephone numbers and names..."

That second database is worth considering, since names, addresses and telephone numbers will be considered protected personal information under European laws.

"Organizations like WWE which inadequately value subscriber data will, from May 2018, find themselves exposed also to GDPR fines," warned Alan Calder, founder and executive chairman of IT Governance Ltd in an emailed comment. "A personal data breach on this scale would have to be reported to an EU supervisory authority and could well lead to a significant fine for failing to protect personal data."

GDPR can impose penalties of up to €20 million or 4% of global turnover, whichever is the greater; and that this can be imposed even though the company may be American, located in America, and storing the data on an American server.

This is not the first time in recent weeks that AWS customers have left data exposed. Last month, three contractors left 1 terabytes of data (including the details of 198 million American voters) on an unprotected AWS S3 bucket. There have been calls for Amazon to highlight sensitive data stored insecurely; but it is the customers' responsibility to protect it.

Even if security firms are employed by the data owner (or 'controller', in this case WWE), regulatory responsibility for protecting that data almost always remains with the controller under European law. SecurityWeek has reached out to both the WWE-named security firms (Smartronix and Praetorian) and will update this article with any response.
Ответить с цитированием

Advertising \ Реклама

HQ DUMPS by Donald Trump
Ссылки для доступа к сервису: TRUMP-DMPS.RU

Sell RDP/Продажа дедиков/RDP SHOP #1
Ссылки для доступа к сервису: UAS-SERVICE.RU \ UAS-SERVICE.SU

HQ DUMPS by Donal Trump
Ссылки для доступа к сервису: TRUMP-DMPS.RU

Sell RDP/Продажа дедиков/RDP SHOP #1
Ссылки для доступа к сервису: UAS-SERVICE.RU \ UAS-SERVICE.SU

HQ DUMPS by Donal Trump
Ссылки для доступа к сервису: TRUMP-DMPS.RU

data, wwe, aws, information, database, customers, million, addresses, european, personal, security, amazon, smartronix, statement, american, praetorian, firms, details, exposed, left, home, included, telephone, stored, names
Здесь присутствуют: 1 (пользователей: 0 , гостей: 1)
Опции темы
Опции просмотра
Ваши права в разделе
Вы не можете создавать новые темы
Вы не можете отвечать в темах
Вы не можете прикреплять вложения
Вы не можете редактировать свои сообщения

BB коды Вкл.
Смайлы Вкл.
[IMG] код Вкл.
HTML код Выкл.

Быстрый переход

Похожие темы
Тема Автор Раздел Ответов Последнее сообщение
McDonald's App Leaks Details of 2.2 Million Customers radikal Mass media about us 0 21.03.2017 02:00
Details of 133,000 Three Customers Stolen by Hackers radikal Mass media about us 0 21.11.2016 19:19
Scrub 6.5 Million - It Was 117 Million Passwords Stolen From LinkedIn in 2012 radikal Mass media about us 0 19.05.2016 14:46
Microsoft Details Security Responsibilities for Azure Cloud Customers radikal Mass media about us 0 17.04.2016 15:01
Scottrade Hack Exposes Details Of 4.6 Million Users radikal Mass media about us 0 05.10.2015 01:54