Danish sports simulator exposes 110TB of user data


New research points to a data leak affecting golf and baseball enthusiasts using TrackMan devices.

Cybernews has received information that a Danish-owned sports technology company has exposed a 110TB publicly accessible database containing 31,602,260 sensitive data records. Cybersecurity Researcher Jeremiah Fowler discovered the leak.

The leaked data included:

ADVERTISEMENT
  • The user’s name
  • Email address
  • Service information, including Globally Unique Identifier (GUID)
  • WiFi and device hardware information
  • WiFi and device hardware information
  • WiFi and device hardware information
  • IP addresses
  • Camera log details
  • Security tokens

TrackMan is a popular sports software provider that focuses on data analytics to improve performance in sports like golf and baseball. It offers subscription software, indoor golf simulators, and devices like launch monitors to measure club speed, ball speed, and spin rate.

Their systems use Doppler radar and imaging to track ball flight and player movement in detail. TrackMan's technology is also used in broadcasting, providing graphics and stats to enhance the viewer experience.

Trackman data leak
This screenshot shows remote camera log details, including API, IP addresses, and security tokens. Credit: Jeremiah Fowler

The company’s sports analytics tools support performance analysis, coaching, and player development, which both amateur and professional sports representatives use.

The TrackMan system and software are priced at $21,995 for non-commercial use, with an annual software subscription costing an additional $1,100. The high prices suggest that users could be an attractive target for cybercriminals.

Trackman data leak
This screenshot shows log files including the Wi-Fi connection that the device used. Credit: Jeremiah Fowler

“It’s not known how long the database was exposed or if anyone else gained access to it,” said the researcher via Website Planet.

ADVERTISEMENT

“Only an internal forensic audit could identify additional access or potentially suspicious activity.”

Since malicious actors continuously and persistently scan the internet for publicly accessible databases, there is a good chance somebody may have found the leak.

Trackman data leak
This screenshot shows a document that contains the name, email address, and operating system details of a TrackMan user who appears to be a professional golfer. Credit: Jeremiah Fowler

The company has not responded to the researcher’s disclosure. Cybernews contacted the company for a comment, but no response has yet been received.

According to the researcher, the leaked data could be exploited to target TrackMan users with tailored spam, spear-phishing attacks, social engineering schemes, and malware distribution.

Cybercriminals can use GUIDs for network surveillance, gathering information about software versions, configurations, and known vulnerabilities. Once they find a weakness, they can target specific GUIDs linked to these flaws and potentially exploit the device’s defenses, including gaining unauthorized access or escalating privileges.

Trackman data leak
This combined screenshot shows what appears to be a configuration file or settings related to a computer or network device, such as a router, access point, or server. It includes various networking and system parameters that control how the device behaves on a network. Credit: Jeremiah Fowler

WiFi driver and configuration details also pose significant security risks. If cybercriminals identify vulnerabilities in a device’s wireless adapter, they could gain access to the device or network. Knowing the type of authentication and encryption (like WPA2 or WPA3) could help them launch brute force or downgrade attacks.

A successful man-in-the-middle (MITM) attack could compromise the router, allowing criminals to intercept or alter communications between connected devices and the network.

ADVERTISEMENT

Fowler claims to have sent a disclosure to the company. While he received no response, access to the database has been secured.