Sections

ESA has previously leaked media's personal details for E3

Files have now been taken down from web archive, ESA "still investigating the matter"

It turns out this weekend's news about the ESA inadvertently leaking journalists' details is not without precedent.

GamesIndustry.biz has learned that databases of personal information for media professionals attending E3 are also available from two previous years. These lists were publicly available until earlier today, when the ESA stated (and GamesIndustry.biz confirmed) that they had been taken down entirely.

While both these events were so long ago the details are likely out of date, the fact they were publicly available until earlier today raises concerns.

The databases we have seen contained more than 2,800 listings for journalists who attended one E3, and more than 3,300 for those who attended another.

These listings include full names, job titles, addresses (often work, but some for home), email addresses, phone numbers and fax numbers.

This follows from news that emerged over the weekend that personal details for over 2,000 journalists, YouTubers and analysts were accidentally leaked via an attendance database for E3 2019.

The trade body has since offered an explanation and apologised, but it has done little to calm the outrage within the games media community.

The statement does claim that "for more than 20 years, there has never been an issue." The databases we have seen prove otherwise.

The ESA has issued a statement, which reads in full as follows:

"On August 2, the ESA learned that a confidential file containing the contact information of registered E3 2019 media badge holders could be accessed by individuals other than authorized users. The file was located in a password-protected section of the E3 website, which was intended for exhibitors only.

"As soon as we learned of this issue, we took immediate action. We removed the file from the website, we disabled access to the site's exhibitor portal, and we notified those affected. In addition, we launched a process to locate and remove private and public caches and other publicly-accessible online locations that contained the file.

"In the course of our investigation, we learned that media contact lists from E3 2004 and 2006 were cached on a third-party internet archive site. These were not files hosted on ESA's servers or on the current website. We took immediate steps to have those files removed, and we received confirmation today that all files were taken down from the third-party site. We also immediately notified those persons impacted. General attendee information was not affected in this situation.

"We are working with our partners, outside counsel, and independent experts to investigate what led to this situation and to enhance our security efforts. We are still investigating the matter to gain a full understanding of the facts and circumstances that led to the issue."

Additional reporting by Rebekah Valentine.

Related stories

Nintendo, Sony, Microsoft to require loot box odds disclosure

ESA says platform holders will roll out new policy that would apply to new games and updates that add loot box features

By Brendan Sinclair

Latest comments (1)

basically phone book info. There are way worse breaches out there.
0Sign inorRegisterto rate and reply

Sign in to contribute

Need an account? Register now.