The private details of over 2,025 video game journalists and analysts have been compromised following a major data breach.
If you attended this year’s Electronic Entertainment Expo as an industry journalist or financial analyst, it is likely that your personal information has been made public by the trade show’s organizers, the Entertainment Software Association.
Up until recently, the ESA had published a spreadsheet on their website that featured the names, publications, home addresses, e-mail addresses, and phone numbers for several video game journalists, streamers, and Youtube creators. Financial analysts and investors also had their names featured on the list. This list could be downloaded by anyone who was able to access the ESA’s site before it was removed yesterday.
The spreadsheet was first identified by independent journalist Sophia Narwitz who alerted them of the security concern. Following her messages to the ESA, they took down the list which had possibly been published around the time of E3 2019 back in July. Individuals have had ample time to download the list since then and potentially spread it to other places which makes it difficult to say who has the information.
Fandomwire recently reached out to the ESA for comment who had this to say:
“ESA was made aware of a website vulnerability that led to the contact list of registered journalists attending E3 being made public. Once notified, we immediately took steps to protect that data and shut down the site, which is no longer available. We regret this this occurrence and have put measures in place to ensure it will not occur again.”
While this recent data leak presents obvious safety concerns it also stands to hurt the ESA’s relationship with the media and their bottom line. Numerous companies such as Wall Street’s Goldman-Sachs and publishers like Activision pay huge sums of money to the organization to attend E3. The price to attend the annual trade show is justified because of the various media personalities and content creators that were on that list can help these companies promote their products.
There are already some legal concerns surrounding the ESA’s publication of the list. Some of the publications featured on the spreadsheet were European-based publications, which means that the European Union could possibly fine them for violating their General Data Protection Regulations. According to the regulations, all companies that do business in Europe and collect data from users are to ensure that their data will be secure. Presently, the maximum fine for GDPR violations is over 20 million Euros or 22 million US dollars.
Even though it has yet to be announced it is possible that the various individuals will file class-action lawsuits against the trade body for their gross incompetent. It is going to be interesting to see who turns up at E3 2020 now with this looming over their heads.
We can confirm that FandomWire was not affected by this breach as our editorial staff did not have a physical presence at this year’s show.