ESA apologises for E3 data breach

ESA leaks Journalist information from E3 2019

The Entertainment Software Association, or ESA, the organisers behind the yearly E3 conference, have apologised for revealing names, addresses, and contact details of over two thousand games journalists, content creators, and industry professionals attending E3 2019.

“ESA was made aware of a website vulnerability that led to the contact list of registered journalists attending E3 being made public,” the ESA said in a statement. “Once notified, we immediately took steps to protect that data and shut down the site, which is no longer available. We regret this occurrence and have put measures in place to ensure it will not occur again.”

The ESA have also given a statement about the location of the leaked file containing the details, stating that it was held on a password-protected area of the E3 website intended for exhibitors. They also revealed that earlier media contact lists, from 2004 and 2006, were also accessible. These have since been removed, but at this time we do not have any information about how long these were accessible or by whom.

“These were not files hosted on ESA’s servers or on the current website. We took immediate steps to have those files removed, and we received confirmation today that all files were taken down from the third-party site. We also immediately notified those persons impacted. General attendee information was not affected in this situation,” the ESA said.

“We are working with our partners, outside counsel, and independent experts to investigate what led to this situation and to enhance our security efforts. We are still investigating the matter to gain a full understanding of the facts and circumstances that led to the issue.”

Despite the statement, there are conflicting accounts with YouTuber Sophia Narwitz, who originally reported on the story, telling Buzzfeed News that the information ‘wasn’t password protected, it was just in the open for anyone to download with a single click’.
This story continues to evolve, with some affected contacting lawyers and concerns of GDPR breaches being investigated. As always, we’ll have the latest news and updates right here on the Newsroom.