As discovered by the security company WizCase, a wrongly shaped Amazon S3 server, reported data of the football website Fut Fantastico. The data included information on 150.000 active and inactive users, including names, email addresses, dates of birth, user registration date, gender, notification settings, last login details, in-game statistics and IP addresses entered between 2017 and 2019.
The Fut Fantastico website, which allows soccer fans to create a virtual soccer team of their choice and play, is owned by the company Televisa. The server contained the security flaw, has now been fixed, after WizCase reported the leakage to the company.
According to WizCase researchers, the stolen information could be used by malicious agents to carry out illegal activities. "The wrong configuration of the server could allow fraudsters and criminals unrestricted access to various personal information. From the exposed data, an unauthorized person can find out, among other things, the name and location of a user. This infringement privacy could be a major threat to all involved. With the personal data immediately available, the hackers they can use them for fraudulent activities or to create new identities. The latter can help create new bank accounts, take over existing ones, buy illegal items or even obtain legal documents such as passports or driving licenses.
This is not the first time football fans have fallen victims breach of their data. Recently, Australia's AFL website was hacked and the personal data of 70 million users was leaked. Researchers from SafetyDetectives said they found about 132 GB of data from one of its databases Elasticsearch, including private user data and technical information about the company's website, BigFooty.com. SafetyDetectives reported the incident to BigFooty and also reported it to the Australian Cybersecurity Center. BigFooty.com is an Australian football application that focuses on football rules. The site allows users to interact with each other on a wide range of topics and football is one of the most popular among them.