A list of 2,000+ industry professionals' personal data was left online by the ESA

Avatar image for bladeofcreation
BladeOfCreation

1531

Forum Posts

27

Wiki Points

0

Followers

Reviews: 1

User Lists: 3

This story is a wild (although not necessarily shocking) bit of incompetence by the ESA. More than 2,000 industry professionals had their personal contact data available on the ESA's website.

https://www.engadget.com/amp/2019/08/03/e3-data-breach-media/?guccounter=1&__twitter_impression=true

Avatar image for devise22
devise22

787

Forum Posts

0

Wiki Points

0

Followers

Reviews: 1

User Lists: 3

Yeah this shit is awful both on ESA part, and for potential harassment problems. The target on journalists in the game industry continuously is just trash, and it just keeps evolving and changing due to issues like this. It's just ugh. Hopefully those effected by this can protect themselves as best possible.

Consequences for future E3/ESRA?

Avatar image for musubi
Musubi

17468

Forum Posts

5625

Wiki Points

0

Followers

Reviews: 8

User Lists: 14

I bet this kills E3. People were already pulling out left and right this year. Who is going to want to trust the EA with their information after this?

Avatar image for cure_optimism
Cure_Optimism

90

Forum Posts

0

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

Some ol' bullshit right here. Hopefully nothing comes of it because that would make the whole situation infinitely worse.

Avatar image for wollywoo
wollywoo

387

Forum Posts

0

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

Sounds like class action lawsuit material.

Avatar image for deactivated-5d5f33a6b34f9
deactivated-5d5f33a6b34f9

210

Forum Posts

0

Wiki Points

0

Followers

Reviews: 0

User Lists: 1

Awful, and terrible decision on that ”journalists” part to publish their video on the story before the info had been completely taken down from the site.

Avatar image for conmulligan
conmulligan

2033

Forum Posts

11722

Wiki Points

0

Followers

Reviews: 0

User Lists: 10

#7 conmulligan  Online

Jesus, what a shitshow. Hopefully most people used their work address and phone.

Avatar image for bladeofcreation
BladeOfCreation

1531

Forum Posts

27

Wiki Points

0

Followers

Reviews: 1

User Lists: 3

@farleyslundgren: Yeah. When you get into the greater context of who that person works for, the way this was revealed starts to look pretty fucked up.

Avatar image for fasterblaster
fasterblaster

16

Forum Posts

0

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

Lawsuit.

Avatar image for shindig
Shindig

5067

Forum Posts

0

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

A new challenger for Hottest Mess or Dampest Squib.

Avatar image for creepin_jeezus
Creepin_Jeezus

1

Forum Posts

0

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

#11  Edited By Creepin_Jeezus

I assume this includes European journalists? Looks like the ESA is about to get very familiar with the GDPR.

Avatar image for rahf
Rahf

603

Forum Posts

0

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

#12  Edited By Rahf

This is déjà vu in ironic fashion.

Allow me to first inform you of a Swedish agency, and what it does.

Vårdguiden 1177 is a Swedish service providing healthcare by telephone.

Last year it was uncovered that millions of recorded telephone calls were stored on an open, unprotected server as separate audio files. Clear as daylight if you had the address, you had access to incredibly sensitive personal data from a sizeable portion of the Swedish populace. Ostensibly every call that's been made to the medical advisory since 2013 was there. Needless to say it was a scandal of epic proportions.

Avatar image for bladeofcreation
BladeOfCreation

1531

Forum Posts

27

Wiki Points

0

Followers

Reviews: 1

User Lists: 3

@rahf: Jesus, that's terrible. Does the Swedish public have any recourse, via national laws or the GDPR, that would allow them to seek compensation for that?

Avatar image for danthepostman
DanThePostman

21

Forum Posts

0

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

@rahf: I can understand them maybe getting hacked but the fact that both of these were just publicly available hurts any chance of goodwill ever. Both situations detailed just eat at me something fierce.

Avatar image for jesus_phish
Jesus_Phish

3932

Forum Posts

3307

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

@bladeofcreation: Look man, what did you want her to do? Email everyone on the list to let them know they need to alert the ESA on mass? Do you know how long it would take to email 2000+ people when all you have is a spreadsheet of their email addresses??

Avatar image for danthepostman
DanThePostman

21

Forum Posts

0

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

@jesus_phish: agreed. It’s not her job to inform the affected parties. That’s the ESA’s to own up to and resolve this matter in a timely and effective manner. Unfortunately, that level of idealism just doesn’t exist here.

Avatar image for hermes
hermes

2664

Forum Posts

75

Wiki Points

0

Followers

Reviews: 0

User Lists: 6

@jesus_phish:About 15 minutes? (https://developers.google.com/apps-script/articles/sending_emails)

I am not trying to divert responsibility from ESA for a mayor (and suable) screw-up, or blame the victims here, but the really responsible thing for both parties would be to give a heads up to the people involved and wait a reasonable amount of time before divulging a security vulnerability wide open on youtube for attention.

Avatar image for dudeglove
dudeglove

13864

Forum Posts

1166

Wiki Points

0

Followers

Reviews: 2

User Lists: 2

If I were more conspiratorial I'd argue that the ESA did it deliberately as a way to nuke E3 altogether but it's far more likely to be wholesale incompetence.

I look forward to the class action lawsuit by the combined forces of every single industry professional.

Avatar image for jesus_phish
Jesus_Phish

3932

Forum Posts

3307

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

@hermes: @danthepostman: I was being sarcastic in my post.

She should've alerted everyone and the lot of them pressured the ESA into shoring it up before reporting on it. It's come out now that the ESA apparently did something like this twice before (leaving docs in plaintext from 2004/2006) only nobody lit up the bat signal on them before it was resolved.

Avatar image for hermes
hermes

2664

Forum Posts

75

Wiki Points

0

Followers

Reviews: 0

User Lists: 6

Avatar image for someoneproud
someoneproud

690

Forum Posts

0

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

Really looking forward to some savage GDPR backlash to this at least.

Avatar image for casepb
Casepb

851

Forum Posts

0

Wiki Points

0

Followers

Reviews: 0

User Lists: 0

Well damn, that's awful for those people. I'm also wondering if this will kill E3.

Avatar image for monkeyking1969
MonkeyKing1969

7767

Forum Posts

1241

Wiki Points

0

Followers

Reviews: 0

User Lists: 18

The ESA left the list up for over a month. The ESA was told it was up and did not respond..at all. A journalist then told the story of how ESA was being loose with data. There was no "wait until it could be removed" the damn list was up for OVER A MONTH and was thus archived on Wayback Machine .

The only villain in this story is the ESA. (Let's just put aside that once again Jason Schreier attacked another journalist for no reason...he messes up a lot...he can't help himself. But he is not important to this story, just a sideshow clown) The fact is the ESA messed up badly, a huge leak, they were told about ist and instead of responding in a reasonable time (that in my mind being less than a few hours) they just ignored the issue until it blew up.