LASER_oneXM

Level 33
Verified
...some quotes from the article:

"Although no credit card or password information was included, and therefore not at risk, WWE is investigating a vulnerability of a database housed on Amazon Web Services (AWS), which has now been secured," a WWE spokesperson said in a statement.
An improperly secured Amazon S3 "bucket" (server) belonging to World Wrestling Entertainment (WWE) had exposed the personal details of over three million fans.

The database was discovered this month by security researchers from the Kromtech Security Research Center. Kromtech staff contacted the WWE, whose employees secured the database within hours, along with a second one that researchers found after the first.
The first database exposed WWE user details
The first of these databases contained a big grouping of raw text files that contained information on WWE users, which presumably the company was using to study its fanbase and put together targeted marketing campaigns.
...
....

Second database exposed marketing data
Kromtech also says they found a second database, that also exposed between 10% and 12% of its content to the public. This S3 bucket contained spreadsheets with social media tracking of the WWE social media accounts; YouTube with weekly totals of plays, likes, shares, comments; and a large cache of saved Twitter posts.
....
......