Sports analytics technology company TrackMan has unknowingly exposed sensitive customer data, researchers have warned.
Jeremiah Fowler, a security analyst known for spotting unsecured databases, revealed new findings that he determined were from TrackMan.
The database had no password and contained 31,602,260 records – for a total of 110 TB, including sensitive customer data such as names, email addresses, IP addresses and security tokens – enough information to carry out identity theft, phishing and more. malicious activities.
Consequences of unsecured databases
After discovering the database, Fowler contacted TrackMan, who restricted public access the same day. However, we don’t know how long it was outside, or if anyone had access to it beforehand. We also don’t know if it is TrackMan that manages this database, or if it is a third party.
TrackMan is a technology company specializing in sports analytics, specifically for golf and baseball, with solutions used by Golf Channel, BBC and CNN World. It uses radar and imaging technology to track the trajectory and performance of balls and players with high precision. Athletes, coaches and teams use TrackMan’s detailed insights to improve performance in areas such as ball speed, launch angle or spin rate. The products are widely used in professional leagues, training facilities and by broadcasters to enhance sports analytics and fan experiences.
Unsecured databases remain one of the leading causes of data breaches and leaks. They are often unintentionally exposed to the Internet, either due to misconfigurations or oversights during implementation. Without basic security measures such as password protection or encryption, they become easy targets for hackers, who can locate them using automated tools and web scanners. The simplicity of accessing these databases, often without the need to bypass layers of security, makes them highly vulnerable to unauthorized access.
The consequences if hackers find such databases are serious. Companies may face financial losses, fines from regulators, reputational damage and loss of customer confidence. They may also face lawsuits, compliance violations and prolonged operational disruptions.