Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
E3 Privacy Security Youtube Games

E3 Accidentally Doxxed Over 2,000 Journalists, YouTubers, and Streamers (buzzfeednews.com) 45

The Entertainment Software Association, which runs the E3 video game expo, accidentally made phone numbers, emails, names, and addresses of over 2,000 attendees public on their website. "A copy of the list was archived on several popular message boards for trolls, and includes the home addresses of many reporters," reports BuzzFeed News. From the report: The leaked list was discovered by journalist and YouTube creator Sophia Narwitz. Narwitz made a video about the database, titled "The Entertainment Software Association just doxxed over 2000 journalists and content creators," last week. Narwitz told BuzzFeed News that some members of the media criticized her following her video, accusing her of drawing attention to the list. Making Narwitz's role in this more complicated is her history with the pro-GamerGate subreddit, r/KotakuInAction. She's currently arguing publicly with members of the gaming site Kotaku. Based on screenshots Narwitz tweeted, however, she did attempt to notify ESA about the leak before making her video about it. "I think this whole event shows a stunning level of incompetence on the ESA's part. The file wasn't password protected, it was just in the open for anyone to download with a single click," she said. Harassment against those included on the list appears to have already begun. "ESA was made aware of a website vulnerability that led to the contact list of registered journalists attending E3 being made public," the ESA wrote in a statement provided to Kotaku. "Once notified, we immediately took steps to protect that data and shut down the site, which is no longer available. We regret this occurrence and have put measures in place to ensure it will not occur again."
This discussion has been archived. No new comments can be posted.

E3 Accidentally Doxxed Over 2,000 Journalists, YouTubers, and Streamers

Comments Filter:
  • Fake News (Score:5, Informative)

    by sexconker ( 1179573 ) on Monday August 05, 2019 @06:23PM (#59047524)

    The leaked list was discovered by journalist and YouTube creator Sophia Narwitz

    No, it wasn't. It was known about in February. It was distributed and discussed by people quietly up until Sophia Narwitz made a popular video about it.

    Then clowns at Kotaku, etc. attacked Sophia Narwitz as if she had caused the problem.

    • Re:Fake News (Score:5, Informative)

      by sexconker ( 1179573 ) on Monday August 05, 2019 @06:26PM (#59047536)

      Making Narwitz's role in this more complicated is her history with the pro-GamerGate subreddit, r/KotakuInAction.

      Again, no. That simplifies it. Kotaku, et. al. are attacking her because she is (rightfully) critical of their bullshit.

      • Re:Fake News (Score:5, Informative)

        by sexconker ( 1179573 ) on Monday August 05, 2019 @06:32PM (#59047578)

        "ESA was made aware of a website vulnerability that led to the contact list of registered journalists attending E3 being made public," the ESA wrote in a statement provided to Kotaku. "Once notified, we immediately took steps to protect that data and shut down the site, which is no longer available. We regret this occurrence and have put measures in place to ensure it will not occur again."

        Bull. Shit.

        The ESA was made aware of the fact that the file was available publicly because Sophia Narwitz herself did the journalistic legwork to notify them, ask them for comment, and give them a chance to fix it before she released her story.

        She knew of it, and was writing the story based on it, because others who knew about it had tipper her off to it. It was not a secret she exposed.

        She waited until the page with the link to the file returned an HTTP 404 status code before releasing her video. However, there was no "vulnerability" that the ESA fixed. They simply removed the page that linked to the file. And they didn't even remove the file itself. After the "fix", if you went directly to the file's URL (as opposed to the page linking to it), the file was still delivered to your browses. It took a second "fix" following the initial public stink for the ESA to actually pull the file from the site.

        The file itself existed for one reason - for publishers to be able to contact game media "journalists" and YouTube / social media "influencers" in order to pursue deals for advertising and shilling their games.

        The result of all this? E3 is dead.

        • (Should have hired me instead, fuckers!!!)

        • by Anonymous Coward

          The result of all this? E3 is dead.

          Bullshit. E3 isn't dead. E3 serves a somewhat weird purpose these days, as quite a lot of E3 is now done via streamed keynotes that technically are just E3-adjacent, but nothing has replaced E3 yet. It still serves its original purpose of connecting devs with journalists and now influencers, along with a new purpose of providing a single time of year when developers can release trailers and convince people to essentially watch ads. It's kind of like the Apple keynotes - they're just ads for their crappy pro

          • Nintendo does do conferences anymore, they put up a video on YouTube and just live stream developer interviews.

            Sony didn't even show up this year.

            The most entertaining thing to come out of E3 is Devolver Digital's insanity. The most informative thing to come out of E3 is all the leaks beforehand. There's no news - everything the press or the YouTubers give us is manufactured, focus-tested garbage.

            Both Sony and MS have new consoles coming out within the next 16 months most likely. They'll both want to hav

  • Collection of Data (Score:4, Insightful)

    by skogs ( 628589 ) on Monday August 05, 2019 @06:31PM (#59047576) Journal

    Here is an idea: How about we all just stop collecting all this data.

    Seriously. You paid your money or got a comp. You got a name, you get in. Some other twat gets in with your name? Guess they should have sent you a little code...like an airline reservation number. No PII required. I hate all these stupid cyber events and stuff that want to scan my attendee ID and then spend the rest of eternity emailing me and sending me spam. Seriously....I went....I saw....I talked.... If I'm interested I'll find you.

    • by sexconker ( 1179573 ) on Monday August 05, 2019 @06:34PM (#59047594)

      The data was collected so it could be distributed. But it's supposed to be distributed to publishers so they can work the media and influence the "influencers".

      How do you think those YouTubers end up with exclusive access to betas sand stuff? Do you think they're doing an unboxing video of a totally unexpected package that just happens to be the super duper collector's edition of the next big game? Even if the package truly was unexpected and had no strings (officially) attached, how do you think they knew where to deliver it?

    • by AmiMoJo ( 196126 )

      GDPR creates a legal requirement to minimize data collection, and when stuff like this happens the fact that you didn't is used to increase the fine. Companies are slowly learning that expensive lesson.

    • Here is an idea: How about we all just stop collecting all this data.

      You're talking about ending a significant source of revenue. Unless you can come up with a way to force them to stop, it's not going to happen.

  • by mcmonkey ( 96054 ) on Monday August 05, 2019 @07:17PM (#59047780) Homepage

    "we immediately took steps to protect that data"

    Oh, so they went around to anyone who may have the copied the list and deleted it off their computers? Taking steps to protect data is only something that can be done before the data is out.

  • "The Entertainment Software Association just doxxed over 2000 journalists and content creators," last week. Narwitz told BuzzFeed News that some members of the media criticized her following her video, accusing her of drawing attention to the list.

    Umm attention needs to be drawn to incidents like this. It is irresponsible to do otherwise.

    Fix your shit people. If someone performed some meltdown or specter shit on your data then ok, i might understand a little bit.

    But a folder sitting out in the open with

  • except... (Score:4, Insightful)

    by argStyopa ( 232550 ) on Monday August 05, 2019 @08:19PM (#59048012) Journal

    ...doxxing is the DELIBERATE exposure of this information.

    This is clearly an accident, so using the word doxxing is deliberately misleading, in the same sense someone who had a car accident that killed someone would be accused of "murdering" that person.

    • We're in a post-definition world where words mean whatever people want.
    • Accidental? The file was not password protected and was put on a public website with a direct link under a useful tools category. The company was notified of it in February and did nothing to take it down. Seems a pretty fucking deliberate exposure of personal information to me.

      • by Anonymous Coward

        Yeah, I guess the lawyers will have a field day with this.

  • Making Narwitz's role in this more complicated is her history with the pro-GamerGate subreddit, r/KotakuInAction.

    Oh dear, she stays informed about corrupt, scumbag journalists. To the contrary, I'd say that made things simpler, since she knew to keep the receipts handy in case they tried to smear her (which they did) instead of crediting her for her work.

    Or does Buzzfeed mean that makes it more complicated for them? Tough shit, then.

The explanation requiring the fewest assumptions is the most likely to be correct. -- William of Occam

Working...